onebox-order-ticket.s3.eu-west-1.amazonaws.com Open in urlscan Pro
3.5.65.232 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Effective URL:
https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/NXDEB1EWW4AK.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240604...
Submission: On June 04 via manual (June 4th 2024, 12:32:57 pm UTC) from ES — Scanned from ES

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 3.5.65.232, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is onebox-order-ticket.s3.eu-west-1.amazonaws.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 31st 2024. Valid for: a year.

This is the only time onebox-order-ticket.s3.eu-west-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	172.67.30.9 172.67.30.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.34.113 108.138.34.113	16509 (AMAZON-02) (AMAZON-02)
2	3.5.65.232 3.5.65.232	16509 (AMAZON-02) (AMAZON-02)
11	4

8 172.67.30.9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

proticketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.34.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-113.muc50.r.cloudfront.net

d172r8p29q9umz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.65.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

onebox-order-ticket.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	proticketing.com 1 redirects proticketing.com	66 KB
2	amazonaws.com onebox-order-ticket.s3.eu-west-1.amazonaws.com	544 B
1	cloudfront.net d172r8p29q9umz.cloudfront.net	261 KB
11	3

	Domain	Requested by
8	proticketing.com	1 redirects proticketing.com d172r8p29q9umz.cloudfront.net
2	onebox-order-ticket.s3.eu-west-1.amazonaws.com	proticketing.com
1	d172r8p29q9umz.cloudfront.net	proticketing.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
proticketing.com GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/NXDEB1EWW4AK.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240604T123255Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Credential=AKIAYYSPD6SDNGBMOR5W%2F20240604%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Signature=715afb795fce2d0d70233496e9b844a11a58ff42b5c7f4e1b165a471973a9e32
Frame ID: BCCCC8B1341637D8DA2D3C70E418FEBB
Requests: 9 HTTP requests in this frame

Frame: https://proticketing.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
Frame ID: 91D285E5B771FFAB6759EE18BBF503FC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081b... Page URL
https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/NXDEB1EWW4AK.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

327 kB
Transfer

453 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49 Page URL
https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/NXDEB1EWW4AK.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240604T123255Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Credential=AKIAYYSPD6SDNGBMOR5W%2F20240604%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Signature=715afb795fce2d0d70233496e9b844a11a58ff42b5c7f4e1b165a471973a9e32 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://proticketing.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://proticketing.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 65aff2fca9013ff7184af4ce01258081bd66af49 Show response
proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/ 4 KB
3 KB 169ms
107ms Document
text/html 172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5937c78a45c8f3443927542baf87350943967c86f36835760d1def1350e9650e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88e7f2b80ddc2fab-MAD
content-encoding: br
content-language: es-ES
content-type: text/html;charset=UTF-8
date: Tue, 04 Jun 2024 12:32:52 GMT
expires: 0
ob-audit-trace-id: 066bbeb0df12af9786fdbe5111877c42
objectcached: NOPE
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache: MISS
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 jquery-1.8.3-obmod.js Show response
d172r8p29q9umz.cloudfront.net/pro/ob_base_v1/js/min/ 260 KB
261 KB 274ms
102ms Script
application/x-javascript 108.138.34.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d172r8p29q9umz.cloudfront.net/pro/ob_base_v1/js/min/jquery-1.8.3-obmod.js
Requested by: Host: proticketing.com
URL: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-113.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 085670b5e9cef6389845f5e2c6556eb655bfd8294ff662e63bc054715f945a18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://proticketing.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: QfPzF5MzNnGNBQCDP4Hd86MoxpDgyjOJ
date: Tue, 04 Jun 2024 12:32:52 GMT
via: 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 182
x-amz-meta-cb-modifiedtime: Tue, 01 Mar 2016 19:41:35 GMT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 266233
last-modified: Tue, 01 Mar 2016 23:30:26 GMT
server: AmazonS3
etag: "c16d84949400ea95773a2f5c098d1017"
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: 8_MVw691Yx5zBFqs7ODR_q0Vg4xrl94-ptW65jmvtc6maKUhbRsMeA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 channelLiterals Show response
proticketing.com/baila/es_ES/ 174 KB
54 KB 93ms
93ms Script
text/javascript 172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://proticketing.com/baila/es_ES/channelLiterals

Requested by

Host: proticketing.com
URL: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fede957f495e073bb3c4c0d3744e9769e7c3bbd814d7f201571556f933e70b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 12:32:52 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
objectcachedttl: 300.000
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 91
x-cache: HIT
objectcached: YEAH
alt-svc: h3=":443"; ma=86400
content-length: 54498
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
ob-audit-trace-id: 64185d77639161db25e5eda543d47cb4
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
content-language: es-ES
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 88e7f2b8cef02fab-MAD
expires: 0

GET style.css
d172r8p29q9umz.cloudfront.net/pro/baila/css/ 0
0

GET
H3 200 loading_55.gif
proticketing.com/resources/v2/ob_base_v1/img/ 2 KB
2 KB 56ms
56ms Image
image/gif 172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://proticketing.com/resources/v2/ob_base_v1/img/loading_55.gif

Requested by

Host: proticketing.com
URL: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7000121e5af91ff47c731e76c9e79805e9687b1b2cfc871bff8f6b892cd43fee

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 12:32:53 GMT
objectcachedttl: 300.000
cf-cache-status: HIT
age: 3465
x-cache: MISS
objectcached: YEAH
alt-svc: h3=":443"; ma=86400
content-length: 1924
x-xss-protection: 1; mode=block
last-modified: Fri, 31 May 2024 11:46:58 GMT
server: cloudflare
ob-audit-trace-id: 88413bfd7ac35b0cf76b3c715f09bf08
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
content-type: image/gif
cache-control: max-age=300
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 88e7f2bbfc922fab-MAD

GET
H3

200

main.js Show response
proticketing.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/ Frame 91D2
Redirect Chain

https://proticketing.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://proticketing.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

8 KB
4 KB

51ms
50ms

Script
application/javascript

172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://proticketing.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js

Requested by

Host: proticketing.com
URL: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49

Protocol

Server

172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a910078a35ac7c5f785a4152fe1bd00724f8676c460d86bf1925a5d62da0096c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 12:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88e7f2bc4d3d2fab-MAD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 04 Jun 2024 12:32:53 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/26ed7e9dda49/main.js
cache-control: max-age=300, public
cf-ray: 88e7f2bbfca12fab-MAD
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 403 favicon.ico
proticketing.com/ 4 KB
2 KB 47ms
47ms Other
text/html 172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://proticketing.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab01198fd96e7af79f093af43e1d0d33751e47b2e9dcc1800bb4a13deb5975b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 12:32:53 GMT
content-encoding: br
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=15
cf-ray: 88e7f2bc5d522fab-MAD
alt-svc: h3=":443"; ma=86400
expires: Tue, 04 Jun 2024 12:33:08 GMT

POST
H3 200 88e7f2b80ddc2fab Show response
proticketing.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 91D2 0
957 B 82ms
80ms XHR
text/plain 172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proticketing.com/cdn-cgi/challenge-platform/h/g/jsd/r/88e7f2b80ddc2fab
Requested by: Host: proticketing.com
URL: https://proticketing.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 Jun 2024 12:32:53 GMT
server: cloudflare
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=OdO6i0gU7XwlmT.snf0MZclpXh72hSaoWlms12HYJNE-1717504373-1.0.1.1-RPncQq4Pr_91jbg4uEm213aooUDLO.Q8GLD2wx4Yd4M.BJqLBdMLWr0WsB0TnGbn6b6a77kAoByxLgO7z0fvHfr9NqjcMqST7wA5uBEv1.Gr44kLp1TsYlAwmFlDLNAhSy.JY92z.E3.fmeqiPW_0CZFs9x1iMPHj5WWUO7nLz8; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=OdO6i0gU7XwlmT.snf0MZclpXh72hSaoWlms12HYJNE-1717504373-1.0.1.1-RPncQq4Pr_91jbg4uEm213aooUDLO.Q8GLD2wx4Yd4M.BJqLBdMLWr0WsB0TnGbn6b6a77kAoByxLgO7z0fvHfr9NqjcMqST7wA5uBEv1.Gr44kLp1TsYlAwmFlDLNAhSy.JY92z.E3.fmeqiPW_0CZFs9x1iMPHj5WWUO7nLz8"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/plain; charset=UTF-8
cf-ray: 88e7f2bd0ec42fab-MAD
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 downloads
proticketing.com/baila/es_ES/operaciones/tickets/ 365 B
629 B 210ms
209ms XHR
text/plain 172.67.30.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://proticketing.com/baila/es_ES/operaciones/tickets/downloads?orderCode=NXDEB1EWW4AK&ticketsHash=65aff2fca9013ff7184af4ce01258081bd66af49

Requested by

Host: d172r8p29q9umz.cloudfront.net
URL: https://d172r8p29q9umz.cloudfront.net/pro/ob_base_v1/js/min/jquery-1.8.3-obmod.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.30.9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: text/plain, */*; q=0.01
Referer: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 12:32:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
age: 0
x-cache: MISS
objectcached: NOPE
alt-svc: h3=":443"; ma=86400
content-length: 300
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
ob-audit-trace-id: b1537f9ed8ee6c50653b76827dc08c7d
vary: Accept-Encoding
content-type: text/plain;charset=ISO-8859-1
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex, nofollow
cf-ray: 88e7f2c87b0d2fab-MAD
expires: 0

GET
H/1.1 200
OK Primary Request NXDEB1EWW4AK.pdf Show response
onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/ 345 B
0 305ms
142ms Document
application/pdf 3.5.65.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/NXDEB1EWW4AK.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240604T123255Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Credential=AKIAYYSPD6SDNGBMOR5W%2F20240604%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Signature=715afb795fce2d0d70233496e9b844a11a58ff42b5c7f4e1b165a471973a9e32
Requested by: Host: proticketing.com
URL: https://proticketing.com/baila/es_ES/tickets/downloads/NXDEB1EWW4AK/65aff2fca9013ff7184af4ce01258081bd66af49
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.65.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8cd447ab923d7277e27b1959745597238f3f51a2e857ce7f89f437bf1ba03f83

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://proticketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Encoding: UTF-8
Content-Length: 1062191
Content-Type: application/pdf
Date: Tue, 04 Jun 2024 12:32:56 GMT
ETag: "43b4c0f4077928399d838872baaf9e3b"
Last-Modified: Tue, 04 Jun 2024 11:58:50 GMT
Server: AmazonS3
x-amz-expiration: expiry-date="Tue, 03 Sep 2024 00:00:00 GMT", rule-id="tickets-expire-time"
x-amz-id-2: MJ+7pSllzRdurLh46GDuDaqnjPORVtXxlI/1eLcO2NHNBZT2ekuTpujrnrAKD85G15RG3Pf78oF+hXWMPMVXFg==
x-amz-request-id: CWFAW1FB77BBT71H
x-amz-server-side-encryption: AES256
x-amz-version-id: pPum9aHjReEy8k83QwbilXs6veVtOudw

GET
H/1.1 403
Forbidden favicon.ico
onebox-order-ticket.s3.eu-west-1.amazonaws.com/ 255 B
544 B 248ms
93ms Other
application/xml 3.5.65.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.65.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 955af0feabe39c9269ac7a2d387dd8b6f0bc875aae4571632215a14d83c32501

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/pro/925/1046/mergedTickets/NXDEB1EWW4AK.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20240604T123255Z&X-Amz-SignedHeaders=host&X-Amz-Expires=3600&X-Amz-Credential=AKIAYYSPD6SDNGBMOR5W%2F20240604%2Feu-west-1%2Fs3%2Faws4_request&X-Amz-Signature=715afb795fce2d0d70233496e9b844a11a58ff42b5c7f4e1b165a471973a9e32
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 04 Jun 2024 12:32:55 GMT
Server: AmazonS3
x-amz-request-id: CWF0WXNNJGXXZPA6
x-amz-id-2: uuGKnpTFLZsvHEpvS1c8/Luq6vpQ5GCVnZ+vtkDsfXCnN/jivY5/uBIFMApM3ySMp4B18X1gMs7VVVFBtUBszg==
Transfer-Encoding: chunked
Content-Type: application/xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d172r8p29q9umz.cloudfront.net
URL: https://d172r8p29q9umz.cloudfront.net/pro/baila/css/style.css

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proticketing.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: H4sIAAAAAAAA/5VUPW/TQBh+7aQqpV+hRUUMsPAhJMBWy4JUEE2jNLi4TRUnEjBQLvY1ufbsM3fX1u1QwR+AmYE/gFj5AYiBgQnYWBkBMbIgwXsJJQ1CICz5rHv03PM+9z5v8uwzDCgJl0MROyKhTZHp2FFUKSYSJyYJaVH5ax9QyQhnu6TJadDFPt5YclcGz5+yYWARRkJJiUa0zmK6CAVOlC6GITJpZCAPJmOSeQkJNduiXqKp3CLcB5tFGib8dbJFXE6SlhtoyZLWrA8jP0sXtZZKw3iXs6kZd5dIOpulANajD1e+XNz/fscnxQsdMUTHEJ3rRLWRPDD4/sXLqbtvcmAvwGEuSLSAPoT0YEi3JVVtwaMsvTYH5hnZPoRrAV9Lw7FgpeYtV1aDcqlR8+q3VkvV5Xr5Zh3LXBWy5ajUuF2TJKbbQm5gu8JNyfSOEwpJccF7Zhqb10VL3b0Xp7xTCuwJGywfxsimbtNEs7DTQg0zPoq7v4m7++KuEXeLfWewH+ip+ldP/VWchqIyQdIKUQqJUb9gXWzQpOfS9mEYI44MgXDVn1m1uU5DjZkNmdIhSwm/B3swnEmo/I+jYlNpicn8wcm7p+f2kko0ZkPuNoweOEcjdGb2AhUZRWdTByalJDhHa6ZBPgxGVBPGVddbamHDzvZmpUdVpxtJLCK2xsy0+0zpb+Nnpp9/eljopJXniGgoHChjOLN42wv/luvhx+fh/us7X092RK3QuBrtpDjZUylKSXaMevbg7YnHr8iTHFge5BXbpeYHANZ23qx4aP7f47jfpR0nYDiCtCIJzmMn9w7cN5N5KTg1nqws1TBUq/rl1UZQrmUGO4pQbnrmksYoOJ/r/ns4VGU/AKXPMS9UBAAA::CFVBal0BPiLsOp3o77bWnTg3LhBGkaEsyAdJygaJkOs=
.proticketing.com/	1970-01-20 21:05:06	Name: __cf_bm Value: NBnIJQXdUf2lg8SHeL5Az3ZDr5TK95QJeGog1QaYpz8-1717504372-1.0.1.1-Xe7od9nNN3It.YhGgXNdenltc9HLttXOyHQNpWAUE8KCFiNfNIi.CUJTQpiUPueX4_FOUkkZPKl1YNiFhLqadQ
.proticketing.com/	1970-01-21 05:50:40	Name: cf_clearance Value: 5s..DzDWppnoZ0X6MiJJMR7.zNuPZMeQmR9WhjA7i88-1717504373-1.0.1.1-Fn03LHmvipP8j1R1Zl17W7dmkxgm6U_c6sBCKriW4DM1MSZU4N6MFs.L1RvddqcTn7.PVF8J1RkZ5qsrqQucLQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://proticketing.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://onebox-order-ticket.s3.eu-west-1.amazonaws.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d172r8p29q9umz.cloudfront.net
onebox-order-ticket.s3.eu-west-1.amazonaws.com
proticketing.com
d172r8p29q9umz.cloudfront.net
108.138.34.113
172.67.30.9
3.5.65.232
085670b5e9cef6389845f5e2c6556eb655bfd8294ff662e63bc054715f945a18
5937c78a45c8f3443927542baf87350943967c86f36835760d1def1350e9650e
7000121e5af91ff47c731e76c9e79805e9687b1b2cfc871bff8f6b892cd43fee
8cd447ab923d7277e27b1959745597238f3f51a2e857ce7f89f437bf1ba03f83
955af0feabe39c9269ac7a2d387dd8b6f0bc875aae4571632215a14d83c32501
a910078a35ac7c5f785a4152fe1bd00724f8676c460d86bf1925a5d62da0096c
ab01198fd96e7af79f093af43e1d0d33751e47b2e9dcc1800bb4a13deb5975b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fede957f495e073bb3c4c0d3744e9769e7c3bbd814d7f201571556f933e70b68

onebox-order-ticket.s3.eu-west-1.amazonaws.com Open in urlscan Pro 3.5.65.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

327 kBTransfer

453 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

2 Console Messages

Security Headers

Indicators

onebox-order-ticket.s3.eu-west-1.amazonaws.com Open in urlscan Pro
3.5.65.232 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

327 kB
Transfer

453 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions