sastaticket-frontend-core-pr-150.onrender.com Open in urlscan Pro
216.24.57.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sastaticket-frontend-core-pr-150.onrender.com/
Submission: On January 26 via automatic, source certstream-suspicious (January 26th 2022, 6:51:48 pm UTC) — Scanned from DE

Summary HTTP 16 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 216.24.57.3, located in United States and belongs to RENDER, US. The main domain is sastaticket-frontend-core-pr-150.onrender.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2022. Valid for: a year.

This is the only time sastaticket-frontend-core-pr-150.onrender.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	216.24.57.3 216.24.57.3	397273 (RENDER) (RENDER)
1	52.222.214.26 52.222.214.26	16509 (AMAZON-02) (AMAZON-02)
1	34.205.132.152 34.205.132.152	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::ac43:444f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

7 216.24.57.3 (United States)

ASN397273 (RENDER, US)
PTR: 216-24-57-3.ip.win.net

sastaticket-frontend-core-pr-150.onrender.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-26.fra56.r.cloudfront.net

snippets.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.132.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-132-152.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-14-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
doc-0s-44-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:444f (United States)

ASN13335 (CLOUDFLARENET, US)

www.sastaticket.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staging.sastaticket.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	onrender.com sastaticket-frontend-core-pr-150.onrender.com	1 MB
5	sastaticket.pk www.sastaticket.pk staging.sastaticket.pk	137 KB
2	googleusercontent.com doc-14-44-docs.googleusercontent.com — Cisco Umbrella Rank: 421928 doc-0s-44-docs.googleusercontent.com — Cisco Umbrella Rank: 457263	97 KB
2	google.com 2 redirects drive.google.com — Cisco Umbrella Rank: 342	2 KB
2	freshchat.com snippets.freshchat.com — Cisco Umbrella Rank: 53168 wchat.freshchat.com — Cisco Umbrella Rank: 10523	32 KB
16	5

	Domain	Requested by
7	sastaticket-frontend-core-pr-150.onrender.com	sastaticket-frontend-core-pr-150.onrender.com
4	www.sastaticket.pk	sastaticket-frontend-core-pr-150.onrender.com
2	drive.google.com	2 redirects
1	staging.sastaticket.pk	sastaticket-frontend-core-pr-150.onrender.com
1	doc-0s-44-docs.googleusercontent.com	sastaticket-frontend-core-pr-150.onrender.com
1	doc-14-44-docs.googleusercontent.com	sastaticket-frontend-core-pr-150.onrender.com
1	wchat.freshchat.com	sastaticket-frontend-core-pr-150.onrender.com
1	snippets.freshchat.com	sastaticket-frontend-core-pr-150.onrender.com
16	8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-26` - `2023-01-25`	a year	crt.sh
freshchat.com Amazon	`2021-07-26` - `2022-08-24`	a year	crt.sh
*.freshchat.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sastaticket-frontend-core-pr-150.onrender.com/
Frame ID: AD0DF97C59DF73B89D0429373F11551F
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sastaticket.pk- Cheap Flights, Best Hotel Rate and Holiday Package

Detected technologies

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Page Statistics

16
Requests

88 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

6
IPs

2
Countries

1582 kB
Transfer

5248 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sastaticket.pk/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sastaticket.pk/?hl=en

Search URL Search Domain Scan URL

URL: https://twitter.com/sastaticketpk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://drive.google.com/uc?export=view&id=1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1 HTTP 302
https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/32tsdbmob03k714go8du3sa8gj80m9fg/1643223075000/10453008600625740881/*/1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1?e=view

Request Chain 6

https://drive.google.com/uc?export=view&id=1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA HTTP 302
https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h7201mbvuglsh0frfpn4lfuo1t622c61/1643223075000/10453008600625740881/*/1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA?e=view

16 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sastaticket-frontend-core-pr-150.onrender.com/ 2 KB
1 KB 157ms
42ms Document
text/html 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

cbeebfb8d71571490d6bcd19cf2b658474b12974d2de11b8c01dd7aa02802142

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 26 Jan 2022 18:51:40 GMT
content-type: text/html; charset=utf-8
content-length: 760
cache-control: public, max-age=0, s-maxage=300
content-encoding: gzip
etag: "a044ae0a1d2d4fffb9bdb50e67cb9122"
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
strict-transport-security: max-age=315360000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex
cf-cache-status: HIT
age: 1
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3bef1c090090b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fc-pre-chat-form-v2.js Show response
snippets.freshchat.com/js/ 17 KB
18 KB 84ms
19ms Script
application/javascript 52.222.214.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snippets.freshchat.com/js/fc-pre-chat-form-v2.js
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c1511a71d3be9e39ee0f44cd7ce8c6680c7fcce9a4442289ab0a31e832cd314

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: UWrzWkM1Vl1xxtVMSb8eeNESFOI0z7L_
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
etag: "51f673d97978560f5ed573102610961e"
last-modified: Wed, 30 Oct 2019 14:01:49 GMT
server: AmazonS3
age: 2653
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
date: Wed, 26 Jan 2022 18:07:27 GMT
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 17644
x-amz-cf-id: BZVcQ989sIstmzXwd-8NyaJAjUrwb6jaSg2TtRGZ4mv-_KZxW3ettQ==

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 44 KB
14 KB 429ms
199ms Script
application/javascript 34.205.132.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.132.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-132-152.compute-1.amazonaws.com

Software

fwe /

Resource Hash

67132b7a8d4f22ec1e3e60fb95543c490228134d4bd057e4b20d07f81c13eff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 18:51:41 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 667daa07-6caf-4c37-a40d-7f64ff923f97
x-trace-id: 00-b2189839bf9936eb0b474935fde2df6a-3418f43ecc56ba20-00
served-by: 2601
last-modified: Thu, 20 Jan 2022 05:35:11 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

GET
H2 200 runtime.28c323bf8ee123f67bad.esm.js Show response
sastaticket-frontend-core-pr-150.onrender.com/ 1 KB
871 B 660ms
659ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/runtime.28c323bf8ee123f67bad.esm.js

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
Origin: https://sastaticket-frontend-core-pr-150.onrender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 6d3bef1cda7190b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 727
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
server: cloudflare
etag: "1244d3f2f28ecc6619157927aca95200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=315360000; includeSubdomains; preload
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=0, s-maxage=300
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 polyfills.50b8f5ac22f5ed8be778.esm.js Show response
sastaticket-frontend-core-pr-150.onrender.com/ 86 KB
31 KB 703ms
702ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/polyfills.50b8f5ac22f5ed8be778.esm.js

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

a01d61f9fba1867a99b4d96330edba40d863dc3da874ac381f26f4310e267cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
Origin: https://sastaticket-frontend-core-pr-150.onrender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
server: cloudflare
etag: "ef49277dd2b830e2b4fa2cd8ce47522f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=0, s-maxage=300
strict-transport-security: max-age=315360000; includeSubdomains; preload
cf-ray: 6d3bef1cda7390b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H2 200 main.fb7eb271bdbcea126c79.esm.js Show response
sastaticket-frontend-core-pr-150.onrender.com/ 4 MB
1021 KB 804ms
804ms Script
text/javascript 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/main.fb7eb271bdbcea126c79.esm.js

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

5b8b8c1df14cadae270bab8216f374c80ba97097577a718ddbfb729859ce129a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
Origin: https://sastaticket-frontend-core-pr-150.onrender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
server: cloudflare
etag: "c94e08f96a42767d414d7a3d9935d908"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=0, s-maxage=300
strict-transport-security: max-age=315360000; includeSubdomains; preload
cf-ray: 6d3bef1cda7790b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H2

200

1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1
doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/32tsdbmob03k714go8du3sa8gj80m9fg/1643223075000/10453008600625740881/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1
https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/32tsdbmob03k714go8du3sa8gj80m9fg/1643223075000/10453008600625740881/*/1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1?e...

50 KB
50 KB

230ms
229ms

Image
image/jpeg

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/32tsdbmob03k714go8du3sa8gj80m9fg/1643223075000/10453008600625740881/*/1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1?e=view
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5746dc232c30b0406d7f73fff3de761d5385973dd16456377c5391be70d8b9fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment
x-guploader-uploadid: ADPycdvKMy6M1QAOet6TZQbRq1jwxt3AVZ9tzvDKPsGC0QDQie3UlH-3CVHVr3QV_e5Tmhv9KxLwNVng8O_H0bpJQQ
x-goog-hash: crc32c=Hja7FA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="st-promo-deals.jpg";filename*=UTF-8''st-promo-deals.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50844
expires: Wed, 26 Jan 2022 18:51:43 GMT

Redirect headers

date: Wed, 26 Jan 2022 18:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
location: https://doc-14-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/32tsdbmob03k714go8du3sa8gj80m9fg/1643223075000/10453008600625740881/*/1kj2PU88BYE8pQQ-deddaRcSD3IKjOMo1?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-bQLLAquxZsNpCPcdAlEaSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA
doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h7201mbvuglsh0frfpn4lfuo1t622c61/1643223075000/10453008600625740881/*/
Redirect Chain

https://drive.google.com/uc?export=view&id=1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA
https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h7201mbvuglsh0frfpn4lfuo1t622c61/1643223075000/10453008600625740881/*/1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA?e...

45 KB
47 KB

291ms
230ms

Image
image/jpeg

2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h7201mbvuglsh0frfpn4lfuo1t622c61/1643223075000/10453008600625740881/*/1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA?e=view
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1bf7e39ad748c957ac2437c63cd44630e62230a873a23f8c3caeec656999b038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment
x-guploader-uploadid: ADPycdtt-hNcBXFGGb1uYVzB5G5vCYJSKpR2TUkcWoRcqVeCjRxJE6IMRXBk4gH-xDd-Ez5yJRTwssLFwVzKuVDhOZ_kWvuoAw
x-goog-hash: crc32c=axf0Kg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="st-promo-hotels.jpg";filename*=UTF-8''st-promo-hotels.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45679
expires: Wed, 26 Jan 2022 18:51:43 GMT

Redirect headers

date: Wed, 26 Jan 2022 18:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"coop_gse_l9ocaq","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_l9ocaq"}]}
content-type: text/html; charset=UTF-8
location: https://doc-0s-44-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/h7201mbvuglsh0frfpn4lfuo1t622c61/1643223075000/10453008600625740881/*/1cRCkmG0DURrJM7ZUHA9ATvLEsL9yZlNA?e=view
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-Fr4wWydJzVl8EJ0C2OFmgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_l9ocaq"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49bdb8d89200eda6247242cd3a2e3c6f2112732a637660639519578b10d81230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 704 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1b40dc8882bb5bc9dde618b8b2eba0385a99cfa00dbabeae57d25da2267006c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 57 KB
57 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e9800d8f446260e4db5eae85dad4c8aca6cd6e1f10a62d00f9e1d48b736a81c

Request headers

Referer
Origin: https://sastaticket-frontend-core-pr-150.onrender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/ttf

GET
DATA 200
OK truncated
/ 92 KB
92 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d06995b8afc36890b023133f66d3d8dcd49d873165d32f502f8dbb3b6da018a

Request headers

Referer
Origin: https://sastaticket-frontend-core-pr-150.onrender.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H3 200 logo-full-name.a99a562.svg Show response
sastaticket-frontend-core-pr-150.onrender.com/ 14 KB
6 KB 619ms
618ms Fetch
image/svg+xml 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/logo-full-name.a99a562.svg

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/main.fb7eb271bdbcea126c79.esm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

9ef1baee3f06cbb09e7fbc23073dc92affe48b5d9922be09bd399071bff9064a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
server: cloudflare
etag: "a99a562d385aece5cdb67e5b0f3665e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=300
strict-transport-security: max-age=315360000; includeSubdomains; preload
cf-ray: 6d3bef299f21916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H3 200 manage-booking.09116b7.svg
sastaticket-frontend-core-pr-150.onrender.com/ 121 KB
43 KB 613ms
612ms Image
image/svg+xml 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/manage-booking.09116b7.svg

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

f2a9aa3ac6d6e5b0d445eee07e5f2c732e06377472fed4e871a5b1186b749127

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
server: cloudflare
etag: "09116b751234aba686b73f2d4e36f2da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=300
strict-transport-security: max-age=315360000; includeSubdomains; preload
cf-ray: 6d3bef29efe3916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 405 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70fc10a5f7c321a449170d60087ec2f584b737f8b217eabdf82141e72ff36a4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 get-in-touch.64a652d.svg
sastaticket-frontend-core-pr-150.onrender.com/ 171 KB
65 KB 659ms
658ms Image
image/svg+xml 216.24.57.3
RENDER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sastaticket-frontend-core-pr-150.onrender.com/get-in-touch.64a652d.svg

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.24.57.3 , United States, ASN397273 (RENDER, US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

9492b31f7f5082797a4f55d5a21f99d78f88a791db3f0ae69ea64779a076d4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 11:23:48 UTC
server: cloudflare
etag: "64a652d187d4ce15960712a4593d1f51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0, s-maxage=300
strict-transport-security: max-age=315360000; includeSubdomains; preload
cf-ray: 6d3bef29efea916e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex

GET
H2 200 serene_promo.fe39cad1.png
www.sastaticket.pk/static/media/ 34 KB
35 KB 88ms
38ms Image
image/png 2606:4700:20::ac43:444f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sastaticket.pk/static/media/serene_promo.fe39cad1.png
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 019c3d752b00bd7fe0db2b404706e7963327422e323550d17ceda7116351eb8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127327
content-length: 35139
service-worker-allowed: /
last-modified: Tue, 25 Jan 2022 07:29:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6R1UOLpaqTvyEVJmbKBKTaKQ421wRyphckzubM%2FNTXBh4BJfDZS2yHFksh%2Fo5xeGPNYjsMoqrPYyD8hzUSP5Y6Y7u%2Bj1%2BZp0rERTBkRFrolnOwqh6%2Bi%2FCjXB4TMP1HFmGUR4r4KmVfCsqUmlmoGEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6d3bef2a3a829019-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pia_promo.74da2016.png
www.sastaticket.pk/static/media/ 32 KB
33 KB 84ms
34ms Image
image/png 2606:4700:20::ac43:444f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sastaticket.pk/static/media/pia_promo.74da2016.png
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95294679fc67deda2c49305ea11ea69b9a77faa5591556a7a2c34e1ded505953

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127327
content-length: 32664
service-worker-allowed: /
last-modified: Tue, 25 Jan 2022 07:29:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G67tX0B2%2BvoLa33bnlafaPI55qpr3BGNnhFAvOVRRXmxD1Gl9ouyVEtyA710%2FZIc2qpFsUCb3apoGy8i7z%2FVtyUMZ7EfJP5KRmeNO6jc7x%2F0hEuyms1EpctEpdtgIe6ZtqbWEYV%2BQ%2BCzYw0W9m94ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6d3bef2a3a839019-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 airblue_promo.5a07f3d2.png
www.sastaticket.pk/static/media/ 39 KB
40 KB 109ms
59ms Image
image/png 2606:4700:20::ac43:444f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sastaticket.pk/static/media/airblue_promo.5a07f3d2.png
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcedd19964b7001af1956e8560aee3e23cc698030dd401bb9755bd233a8b42db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127328
content-length: 40407
service-worker-allowed: /
last-modified: Tue, 25 Jan 2022 07:29:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRn%2FPf4W0O0jcXLsUN1%2Bq1LK5N6rV8vME2fyB%2FllbLVngvr7fBZhaxJfYVwF%2FS3lmaBgEH%2BPSk0eWCPauZc%2F2nMc2iXa5UvoPSJGC8WbMqz9J8VGsQrK4i5AqErgMacnpx8qT7pEwEvLVgoTA6rnqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6d3bef2a3a869019-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 airsial_promo.48e13d28.png
www.sastaticket.pk/static/media/ 29 KB
29 KB 106ms
56ms Image
image/png 2606:4700:20::ac43:444f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sastaticket.pk/static/media/airsial_promo.48e13d28.png
Requested by: Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26aaafd39552b5572b011513c94fe3a1cfa5ca2087d9716e53c1c9dd7b7dadcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127328
content-length: 29211
service-worker-allowed: /
last-modified: Tue, 25 Jan 2022 07:29:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTFb%2BImWVdrQRLo5CyhoCb2zbwjsAryDP2ZBYWUw0N3YudFeX%2BLcQ4IIwHGFcPagF9xLfiBtR%2BHwgwY8mG3OpDiydY0YOYXhomfkj7TvUL8iRIN%2FxLtunSIH4oYP7mMz7FagraogoN62oEkNHhBPjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6d3bef2a3a879019-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a7eb04d60bf4b1fa40b3f2b1e598502a2eb63c31637d96791b2042b26734796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 003c175d72c97b466ac7aed4e5e68727813649e021e1baabff44956db5e2203a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfff03045adafa76c8987b55ffe58aa16e7959d60d78e9f8a4915559e298fea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 440307bbba603ea3d7421b221344594efab381241dd93be9054c1cc179f9786a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7aa15c17498a34f8d62dae4ac376f31c44b66f3b8bfbdd0a6a66ce0d75b794a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eebfeff63b1b26b9d99fff02b57eed8032b93a984fb525ba793e964ed90221a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65033dcd9bca5a8a3d2d36173c547e2d8c4ba33d06ecedf3a1ac40c943dbec01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bc738ec2d15d068c789aa54fdd19991af44c7a557e1b404d99ff3ea8003a407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c20fa8fcad7b36fb097ebed28f2bfeb1e9371b766ccd6209dafc373c118b8d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
staging.sastaticket.pk/api/v4/air/get_all_stops/ 74 B
783 B 1219ms
1137ms Fetch
application/json 2606:4700:20::ac43:444f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.sastaticket.pk/api/v4/air/get_all_stops/?contains=

Requested by

Host: sastaticket-frontend-core-pr-150.onrender.com
URL: https://sastaticket-frontend-core-pr-150.onrender.com/main.fb7eb271bdbcea126c79.esm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:444f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a4917d660320768f210af25364ce47bfae30cec030886bc28af177b7cb70d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sastaticket-frontend-core-pr-150.onrender.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept, Cookie, Origin
x-xss-protection: 1; mode=block
service-worker-allowed: /
allow: GET, HEAD, OPTIONS
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJb%2FogY9ZI6VrTo4dVXMaoNIp70DeeN7v7ynxj%2FdUQvPFuZgPLiek0lIo1p3P0jyu4xz6hDTmzi1ccl09Wmxp%2FXtDB5MNJ%2Fd3jrq0oV0qIdn1K0WVqWOs10N4ptJTe3TLMfATBK3LdTQBR8B6uwnUbkvsWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://sastaticket-frontend-core-pr-150.onrender.com
access-control-allow-credentials: true
cf-ray: 6d3bef2a6c776961-FRA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 04:50:34	Name: NID Value: 511=BkWYBJMZrCkVOlFlsgJFmkDg94jMUzxKSv3-On91iyVWvo-hPosm2CQoaGRA1HFo1ejd0V7Lt-sdeGNQW2mpVgMocKK9v3eWPGOqdMLADGBgr5OgrnGh8U1i1IwcPSw_DCldeizm6so02D0IQonKXuJ2vJoYgP3wQBy2OOtCCJc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=315360000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doc-0s-44-docs.googleusercontent.com
doc-14-44-docs.googleusercontent.com
drive.google.com
sastaticket-frontend-core-pr-150.onrender.com
snippets.freshchat.com
staging.sastaticket.pk
wchat.freshchat.com
www.sastaticket.pk
216.24.57.3
2606:4700:20::ac43:444f
2a00:1450:4001:803::2001
2a00:1450:4001:80f::200e
34.205.132.152
52.222.214.26
003c175d72c97b466ac7aed4e5e68727813649e021e1baabff44956db5e2203a
019c3d752b00bd7fe0db2b404706e7963327422e323550d17ceda7116351eb8a
18a4917d660320768f210af25364ce47bfae30cec030886bc28af177b7cb70d1
1bf7e39ad748c957ac2437c63cd44630e62230a873a23f8c3caeec656999b038
26aaafd39552b5572b011513c94fe3a1cfa5ca2087d9716e53c1c9dd7b7dadcc
2e9800d8f446260e4db5eae85dad4c8aca6cd6e1f10a62d00f9e1d48b736a81c
440307bbba603ea3d7421b221344594efab381241dd93be9054c1cc179f9786a
49bdb8d89200eda6247242cd3a2e3c6f2112732a637660639519578b10d81230
4a7eb04d60bf4b1fa40b3f2b1e598502a2eb63c31637d96791b2042b26734796
5746dc232c30b0406d7f73fff3de761d5385973dd16456377c5391be70d8b9fe
5b8b8c1df14cadae270bab8216f374c80ba97097577a718ddbfb729859ce129a
5bc738ec2d15d068c789aa54fdd19991af44c7a557e1b404d99ff3ea8003a407
65033dcd9bca5a8a3d2d36173c547e2d8c4ba33d06ecedf3a1ac40c943dbec01
67132b7a8d4f22ec1e3e60fb95543c490228134d4bd057e4b20d07f81c13eff4
6c1511a71d3be9e39ee0f44cd7ce8c6680c7fcce9a4442289ab0a31e832cd314
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
6d06995b8afc36890b023133f66d3d8dcd49d873165d32f502f8dbb3b6da018a
70fc10a5f7c321a449170d60087ec2f584b737f8b217eabdf82141e72ff36a4e
8c20fa8fcad7b36fb097ebed28f2bfeb1e9371b766ccd6209dafc373c118b8d2
8eebfeff63b1b26b9d99fff02b57eed8032b93a984fb525ba793e964ed90221a
9492b31f7f5082797a4f55d5a21f99d78f88a791db3f0ae69ea64779a076d4a9
95294679fc67deda2c49305ea11ea69b9a77faa5591556a7a2c34e1ded505953
9ef1baee3f06cbb09e7fbc23073dc92affe48b5d9922be09bd399071bff9064a
a01d61f9fba1867a99b4d96330edba40d863dc3da874ac381f26f4310e267cf4
a1b40dc8882bb5bc9dde618b8b2eba0385a99cfa00dbabeae57d25da2267006c
a7aa15c17498a34f8d62dae4ac376f31c44b66f3b8bfbdd0a6a66ce0d75b794a
cbeebfb8d71571490d6bcd19cf2b658474b12974d2de11b8c01dd7aa02802142
dfff03045adafa76c8987b55ffe58aa16e7959d60d78e9f8a4915559e298fea7
f2a9aa3ac6d6e5b0d445eee07e5f2c732e06377472fed4e871a5b1186b749127
fcedd19964b7001af1956e8560aee3e23cc698030dd401bb9755bd233a8b42db

sastaticket-frontend-core-pr-150.onrender.com Open in urlscan Pro 216.24.57.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

88 %HTTPS

50 %IPv6

5 Domains

8 Subdomains

6 IPs

2 Countries

1582 kBTransfer

5248 kBSize

1 Cookies

3 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sastaticket-frontend-core-pr-150.onrender.com Open in urlscan Pro
216.24.57.3 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

6
IPs

2
Countries

1582 kB
Transfer

5248 kB
Size

1
Cookies

16 HTTP transactions
14 data transactions