staging.empire.ticketcms.com Open in urlscan Pro
18.207.48.115  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response staging.empire.ticketcms.com/	410 KB 28 KB	1927ms 506ms	Document text/html	18.207.48.115 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.207.48.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-207-48-115.compute-1.amazonaws.com Software nginx / Resource Hash 226ac14b445a2c59cd692b4b4b5b7c4e2f893df9eb8d8f8444763fb91a85576b Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-security-policy frame-ancestors 'self'; content-type text/html; charset=UTF-8 date Sun, 14 Jul 2024 22:26:39 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache referrer-policy unsafe-url server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN
GET H2	200	app.3b87f3150a5e1ca2c8a5.css dm4wiujtrj52r.cloudfront.net/dist/10025/empire/	177 KB 24 KB	949ms 508ms	Stylesheet text/css	18.238.248.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dm4wiujtrj52r.cloudfront.net/dist/10025/empire/app.3b87f3150a5e1ca2c8a5.css Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.248.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-248-193.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash cfb27bfd640786ef55ed4c942bbee7bb9e6f0413de43f3b3579e0d43f82d899b Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:41 GMT content-encoding br via 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront) last-modified Tue, 11 Jun 2024 20:09:43 GMT server AmazonS3 x-amz-cf-pop AMS58-P1 etag W/"cc7f6ba704763909225a50f651d0d8c4" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Miss from cloudfront content-type text/css cache-control max-age=31536000 x-amz-cf-id TilMqScgQvvMi4m9VyFCBhbrihaEc-jIt97-GqaU7lvuQWRyP82ToQ==
GET H2	200	logo.svg dm4wiujtrj52r.cloudfront.net/10025/logos/	13 KB 5 KB	889ms 448ms	Image image/svg+xml	18.238.248.193 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dm4wiujtrj52r.cloudfront.net/10025/logos/logo.svg Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.248.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-248-193.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash f9a8945f3c1598e4cd64ef27bac9823c34dd66f9c1ee5bfb5abef9554398cdd2 Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:41 GMT content-encoding br via 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront) last-modified Thu, 20 Jul 2023 21:45:26 GMT server AmazonS3 x-amz-cf-pop AMS58-P1 etag W/"4f22b9733b626877ad1220d5cbdbeb17" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31536000 x-amz-cf-id dUIPlGOilEzBr1Qqt1_0uIA7GtecudfB87yE9jjy0DE16E2zkOmPGA==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.0/	87 KB 31 KB	467ms 44ms	Script text/javascript	216.58.212.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f10.1e100.net Software sffe / Resource Hash c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 09:37:40 GMT content-encoding gzip x-content-type-options nosniff age 478139 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Jul 2025 09:37:40 GMT
GET H2	200	vendor.454f09c232bdb88717a7.js Show response dm4wiujtrj52r.cloudfront.net/dist/theme/empire/	317 KB 110 KB	372ms 67ms	Script application/javascript	18.238.248.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dm4wiujtrj52r.cloudfront.net/dist/theme/empire/vendor.454f09c232bdb88717a7.js Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.248.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-248-193.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash 7d0adf17f83decb591d44fd834217f180800310d1f0afb0b99b1d8495a2975e2 Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:16:26 GMT content-encoding gzip via 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront) last-modified Tue, 11 Jun 2024 20:09:34 GMT server AmazonS3 x-amz-cf-pop AMS58-P1 age 614 etag W/"76c7d3b433776f8db31d3444c26d1f20" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 x-amz-cf-id W7oNW-Mm_Z75kNO_BVT5NHd-7WMEczERO7YRvy6cYHkf63nrNss_Og==
GET H2	200	app.242c166dae8a3cd9f929.js Show response dm4wiujtrj52r.cloudfront.net/dist/theme/empire/	40 KB 12 KB	421ms 116ms	Script application/javascript	18.238.248.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dm4wiujtrj52r.cloudfront.net/dist/theme/empire/app.242c166dae8a3cd9f929.js Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.248.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-248-193.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash 55393d274c669c4699ba7ffb36d2ff0acae2d78d798600ac8ac496f9c31b704b Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:16:27 GMT content-encoding gzip via 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront) last-modified Tue, 11 Jun 2024 20:09:33 GMT server AmazonS3 x-amz-cf-pop AMS58-P1 age 613 etag W/"bb40edde5622ea7a29ae71359abbf712" x-amz-server-side-encryption AES256 vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 x-amz-cf-id ocnIcXl-9lkf_Rkd06IIXn3hUbqmPXih5LF9PDRtyRhTEOloI6uMgA==
GET H2	200	css2 fonts.googleapis.com/	21 KB 1 KB	498ms 48ms	Stylesheet text/css	142.250.185.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;621;800;900&display=swap Requested by Host: dm4wiujtrj52r.cloudfront.net URL: https://dm4wiujtrj52r.cloudfront.net/dist/10025/empire/app.3b87f3150a5e1ca2c8a5.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.202 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f10.1e100.net Software ESF / Resource Hash 2fa5cd082e7aecd31363c54d8af3d89375fd532cd7284df5792e205f5f7a4c97 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://dm4wiujtrj52r.cloudfront.net/dist/10025/empire/app.3b87f3150a5e1ca2c8a5.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 14 Jul 2024 22:26:40 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Jul 2024 22:26:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Jul 2024 22:26:40 GMT
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/	46 KB 46 KB	471ms 51ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;621;800;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging.empire.ticketcms.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 09 Jul 2024 09:36:02 GMT x-content-type-options nosniff age 478239 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 09 Jul 2025 09:36:02 GMT
GET H2	200	search-bg-2.webp i.tixcdn.io/tcms/10025/list/	13 KB 14 KB	1558ms 1029ms	Image image/webp	108.156.60.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.tixcdn.io/tcms/10025/list/search-bg-2.webp?w=1600&h=312 Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.60.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-60-115.ams1.r.cloudfront.net Software / Resource Hash e66019fb58a12b38f298b46c8d900e5f90ea2596131d04668210ca3dd9c837b5 Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:42 GMT via 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P2 x-amzn-requestid 4a88e94d-9d13-4580-9735-5a2ae66c8820 x-cache Miss from cloudfront x-amz-apigw-id a7GJWHpPoAMEcoQ= x-s3-cache Miss from S3 content-length 13812 last-modified Wed, 03 Apr 2024 22:03:03 GMT x-amzn-trace-id Root=1-669450a1-5790e0f67881ebf7691fb356 access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control max-age=31536000 access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id 6JusNbvIWrt28TLRNe7liCjjlBEgVOcsmRs-ZoB3n3lhjQmT_0bJjA==
GET H2	200	soccer.jpg i.tixcdn.io/tcms/10025/category/	14 KB 14 KB	1004ms 579ms	Image image/webp	108.156.60.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.tixcdn.io/tcms/10025/category/soccer.jpg?w=259&h=208 Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.60.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-60-115.ams1.r.cloudfront.net Software / Resource Hash 16deb69cf67a2b01dada8082fe4a75ed73b1d45881aa767d728d20b93f21704b Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:42 GMT via 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P2 x-amzn-requestid 6210f3fb-5f2d-4fa5-b131-b124926fa2a5 x-cache Miss from cloudfront x-amz-apigw-id a7GJWGpEIAMEcXA= x-s3-cache Hit from S3 content-length 14036 last-modified Mon, 10 Jun 2024 23:25:24 GMT x-amzn-trace-id Root=1-669450a1-2dc0b83e032a40f83202a51c access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id 9-mp0ukXf91QhVBC2MD0QcUqnGabnxzFNu9F6vHSh_Q-0wnickp9JA==
GET H2	200	racing.jpg i.tixcdn.io/tcms/10025/category/	10 KB 11 KB	886ms 462ms	Image image/webp	108.156.60.115 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.tixcdn.io/tcms/10025/category/racing.jpg?w=259&h=208 Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.156.60.115 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-156-60-115.ams1.r.cloudfront.net Software / Resource Hash 07130a6dc729d8385d9e6848b057f0defc408c0fc6532953928235bb36d90a42 Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:42 GMT via 1.1 2a46367687c8f1815bbea20c92c7d64c.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P2 x-amzn-requestid 264d73d2-35c5-43df-88c3-7f248b9ca48b x-cache Miss from cloudfront x-amz-apigw-id a7GJWFr9oAMEIDQ= x-s3-cache Hit from S3 content-length 10700 last-modified Mon, 10 Jun 2024 23:25:24 GMT x-amzn-trace-id Root=1-669450a1-111d3fe80012b61e345d69cc access-control-allow-methods GET content-type image/webp access-control-allow-origin * cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id pq_uVkJJgr90a6aIHzY5Gyq5zoOCseMTq_G4Tlw2kUtX5Qh2RdAteQ==
GET H2	200	/ Show response beacon.riskified.com/	48 KB 15 KB	1932ms 221ms	Script application/javascript	18.209.146.231 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://beacon.riskified.com/?shop=ticketsforless.com&sid=6694509f2d652 Requested by Host: staging.empire.ticketcms.com URL: https://staging.empire.ticketcms.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.209.146.231 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-209-146-231.compute-1.amazonaws.com Software / Resource Hash 731806922aa7dc98ac2ca981eeefcbad029c9a277aab86ab78d42ee00f07eb29 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains; preload Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:44 GMT access-control-request-method * content-encoding gzip strict-transport-security max-age=15768000; includeSubDomains; preload x-sourcemap sm/dGlja2V0c2Zvcmxlc3MuY29t/NjY5NDUwOWYyZDY1Mg== access-control-allow-methods PUT, OPTIONS, GET, DELETE, POST content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=600 trace-id b1d9d310a74c81556cf8b320cc1b4181 timing-allow-origin * access-control-allow-headers Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
GET H2	200	favicon.ico dm4wiujtrj52r.cloudfront.net/10025/logos/	15 KB 15 KB	66ms 65ms	Other image/vnd.microsoft.icon	18.238.248.193 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dm4wiujtrj52r.cloudfront.net/10025/logos/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.248.193 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-248-193.ams58.r.cloudfront.net Software AmazonS3 / Resource Hash 9cf34536aeacbdc9a319fd57fc23c813dec956b1ca2f44e5884e798bcbc906d0 Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:16:23 GMT via 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront) last-modified Thu, 20 Jul 2023 21:51:07 GMT server AmazonS3 x-amz-cf-pop AMS58-P1 age 620 etag "b7af873b38de926323f5a58caf530b76" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/vnd.microsoft.icon cache-control max-age=31536000 accept-ranges bytes content-length 15086 x-amz-cf-id NBSq_zV0Q4Bc8U_6eBXBRldmn5F-3OHERIzJUOfNyZJH3dQyBwPT7w==
GET H2	200	image-l.gif img.riskified.com/img/	35 B 160 B	472ms 133ms	Image image/gif	18.215.56.141 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.riskified.com/img/image-l.gif?t=17209960046740.4362547021445904&c=dgwfycibtifis5l81ok3eelym4l3y0&p=ue181b&a=6694509f2d652&o=ticketsforless.com&rt=1720996004467 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.215.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-215-56-141.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:45 GMT last-modified Thu, 29 Sep 2022 08:50:09 GMT server nginx/1.24.0 accept-ranges bytes etag "63355c41-23" content-length 35 content-type image/gif
GET H2	200	image-l.gif img.riskified.com/img/	35 B 159 B	135ms 134ms	Image image/gif	18.215.56.141 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.riskified.com/img/image-l.gif?t=17209960051660.2076911751161863&c=dgwfycibtifis5l81ok3eelym4l3y0&p=ue181b&a=6694509f2d652&o=ticketsforless.com&rt=1720996004467 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.215.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-215-56-141.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:45 GMT last-modified Thu, 29 Sep 2022 08:50:09 GMT server nginx/1.24.0 accept-ranges bytes etag "63355c41-23" content-length 35 content-type image/gif
GET H2	200	image-l.gif img.riskified.com/img/	35 B 159 B	133ms 131ms	Image image/gif	18.215.56.141 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.riskified.com/img/image-l.gif?t=17209960053170.2791223064700423&c=dgwfycibtifis5l81ok3eelym4l3y0&p=ue181b&a=6694509f2d652&o=ticketsforless.com&rt=1720996004467 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.215.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-215-56-141.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:45 GMT last-modified Thu, 29 Sep 2022 08:50:09 GMT server nginx/1.24.0 accept-ranges bytes etag "63355c41-23" content-length 35 content-type image/gif
GET H2	200	image-l.gif img.riskified.com/img/	35 B 159 B	141ms 141ms	Image image/gif	18.215.56.141 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://img.riskified.com/img/image-l.gif?t=17209960054630.4682021905574927&c=dgwfycibtifis5l81ok3eelym4l3y0&p=ue181b&a=6694509f2d652&o=ticketsforless.com&rt=1720996004467 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 18.215.56.141 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-215-56-141.compute-1.amazonaws.com Software nginx/1.24.0 / Resource Hash b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d Request headers Referer https://staging.empire.ticketcms.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 14 Jul 2024 22:26:45 GMT last-modified Thu, 29 Sep 2022 08:50:09 GMT server nginx/1.24.0 accept-ranges bytes etag "63355c41-23" content-length 35 content-type image/gif
GET		image-l.gif img.riskified.com/img/	0 0
POST H2	201	client_infos Show response c.riskified.com/v2/	0 338 B	134ms 130ms	XHR text/plain	44.213.218.67
General Check archive.org Show headers Download Go to Full URL https://c.riskified.com/v2/client_infos Requested by Host: beacon.riskified.com URL: https://beacon.riskified.com/?shop=ticketsforless.com&sid=6694509f2d652 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.213.218.67 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains; preload Request headers Access-Control-Allow-Origin * Referer https://staging.empire.ticketcms.com/ Access-Control-Allow-Headers Content-Type User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Sun, 14 Jul 2024 22:26:46 GMT access-control-request-method * strict-transport-security max-age=15768000; includeSubDomains; preload access-control-allow-methods PUT, OPTIONS, GET, DELETE, POST access-control-allow-origin * trace-id 3a4bb3753d0a4dc3a3297426fc24e013 timing-allow-origin * access-control-allow-headers Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256 content-length 0
OPTIONS H2	200	client_infos c.riskified.com/v2/	0 0	806ms 144ms	Preflight text/plain	44.213.218.67
General Check archive.org Show headers Download Go to Full URL https://c.riskified.com/v2/client_infos Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.213.218.67 -, , ASN (), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15768000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers access-control-allow-headers,access-control-allow-origin,content-type Access-Control-Request-Method POST Origin https://staging.empire.ticketcms.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256 access-control-allow-methods PUT, OPTIONS, GET, DELETE, POST access-control-allow-origin * access-control-request-method * content-length 2 content-type text/plain; charset=UTF-8 date Sun, 14 Jul 2024 22:26:46 GMT strict-transport-security max-age=15768000; includeSubDomains; preload timing-allow-origin * trace-id ed1691eb0711f6daf4d1d16c73e0ef9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

img.riskified.com

URL

https://img.riskified.com/img/image-l.gif?t=17209960056180.5770177130412626&c=dgwfycibtifis5l81ok3eelym4l3y0&p=ue181b&a=6694509f2d652&o=ticketsforless.com&rt=1720996004467

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| atbsEnv object| webpackChunk_atbs_lite_core object| FontAwesomeConfig object| ___FONT_AWESOME___ function| initGeoAutocomplete object| Alpine object| powerUI function| getYyRxId function| getYyRxId1 function| getYyRxId2 function| getYyRxId3 function| getYyRxId4 function| getRiskxConfig object| _0xa935 function| _0x5a93 object| RI22 object| RISKX function| trimHash function| stringToBoolean function| getFirstIfArray function| decodeError function| shorten function| setSafariIsIncognito function| setChromeQuota function| setServiceWorkerUndefined function| setIsBrave function| safariIncognitoTest function| queryChromeQuota number| R_BOOMR_start number| MEASUREMENTS object| R_BOOMR boolean| DEBUG object| RISKX_REQUEST_SENDER object| RISKX_SHUFFLE string| _keyStr function| b64Encode function| _utf8_encode object| lat_values boolean| battery_charging

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			staging.empire.ticketcms.com/	1970-01-20 22:03:17	Name: resale_notice Value: 1
			staging.empire.ticketcms.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: qtg6olu7isbeubprefi6jo2h46
			staging.empire.ticketcms.com/	1970-01-20 22:46:27	Name: atbs_location Value: 45.4722%7C9.1922%7CMilan%7C25%7C
			.ticketcms.com/	1970-01-21 07:39:16	Name: lastRskxRun Value: 1720996004650
			.ticketcms.com/	1970-01-21 07:39:16	Name: rskxRunCookie Value: 0
			.ticketcms.com/	1970-01-21 07:39:16	Name: rCookie Value: dgwfycibtifis5l81ok3eelym4l3y0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
beacon.riskified.com
c.riskified.com
dm4wiujtrj52r.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.tixcdn.io
img.riskified.com
staging.empire.ticketcms.com
img.riskified.com
108.156.60.115
142.250.185.202
142.250.186.67
18.207.48.115
18.209.146.231
18.215.56.141
18.238.248.193
216.58.212.170
44.213.218.67
07130a6dc729d8385d9e6848b057f0defc408c0fc6532953928235bb36d90a42
16deb69cf67a2b01dada8082fe4a75ed73b1d45881aa767d728d20b93f21704b
226ac14b445a2c59cd692b4b4b5b7c4e2f893df9eb8d8f8444763fb91a85576b
2fa5cd082e7aecd31363c54d8af3d89375fd532cd7284df5792e205f5f7a4c97
55393d274c669c4699ba7ffb36d2ff0acae2d78d798600ac8ac496f9c31b704b
731806922aa7dc98ac2ca981eeefcbad029c9a277aab86ab78d42ee00f07eb29
7d0adf17f83decb591d44fd834217f180800310d1f0afb0b99b1d8495a2975e2
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9cf34536aeacbdc9a319fd57fc23c813dec956b1ca2f44e5884e798bcbc906d0
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
cfb27bfd640786ef55ed4c942bbee7bb9e6f0413de43f3b3579e0d43f82d899b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66019fb58a12b38f298b46c8d900e5f90ea2596131d04668210ca3dd9c837b5
f9a8945f3c1598e4cd64ef27bac9823c34dd66f9c1ee5bfb5abef9554398cdd2