Submitted URL: https://www.pay.qrticket.in.ua/
Effective URL: https://pay.qrticket.in.ua/
Submission: On August 18 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 38 HTTP transactions. The main IP is 138.201.118.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is pay.qrticket.in.ua.
TLS certificate: Issued by R3 on July 30th 2021. Valid for: 3 months.
This is the only time pay.qrticket.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
19 pay.qrticket.in.ua pay.qrticket.in.ua
4 fonts.gstatic.com fonts.googleapis.com
3 ka-f.fontawesome.com kit.fontawesome.com
3 ajax.googleapis.com pay.qrticket.in.ua
2 bitrix.info pay.qrticket.in.ua, bitrix.info
2 cdn.jsdelivr.net pay.qrticket.in.ua
1 www.gstatic.com www.google.com
1 use.fontawesome.com pay.qrticket.in.ua
1 kit.fontawesome.com pay.qrticket.in.ua
1 fonts.googleapis.com pay.qrticket.in.ua
1 www.google.com pay.qrticket.in.ua
1 www.pay.qrticket.in.ua 1 redirects
38 12

This site contains links to these domains.

Domain
qrticket.com.ua
Subject                    Issuer                                        Validity                   Valid
pay.qrticket.in.ua         R3                                            2021-07-30 - 2021-10-28    3 months
www.google.com             GTS CA 1C3                                    2021-07-12 - 2021-10-04    3 months
upload.video.google.com    GTS CA 1C3                                    2021-07-12 - 2021-10-04    3 months
*.fontawesome.com          DigiCert TLS RSA SHA256 2020 CA1              2020-11-13 - 2021-12-14    a year
jsdelivr.net               GlobalSign Atlas R3 DV TLS CA 2020            2021-04-30 - 2022-06-01    a year
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3                       2021-07-07 - 2022-07-06    a year
*.gstatic.com              GTS CA 1C3                                    2021-07-12 - 2021-10-04    3 months
*.bitrix.info              Go Daddy Secure Certificate Authority - G2    2020-02-14 - 2022-04-14    2 years

This page contains 1 frames:

Primary Page: https://pay.qrticket.in.ua/
Frame ID: 491E6C934469830D316555EA6D2AB58A
Requests: 38 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /(?:<link[^>]+components\/bitrix|(?:src|href)="\/bitrix\/(?:js|templates))/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

38 Requests
100 % HTTPS
83 % IPv6
7 Domains
12 Subdomains
12 IPs
3 Countries
786 kB Transfer
1412 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.pay.qrticket.in.ua/ HTTP 301
    https://pay.qrticket.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pay.qrticket.in.ua/
Redirect Chain
  • https://www.pay.qrticket.in.ua/
  • https://pay.qrticket.in.ua/
11 KB
5 KB
Document
General
Full URL
https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
915a2fdf45cce8b805af502549337add352f69352d33c8edb6efc1529a49bdb7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
pay.qrticket.in.ua
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.14.2
date
Wed, 18 Aug 2021 04:48:01 GMT
content-type
text/html; charset=UTF-8
vary
HTTPS
x-powered-by
PHP/7.2.34
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms
Bitrix Site Manager (d0052ed61ad60db8853790af9d05b276)
set-cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-encoding
gzip
strict-transport-security
max-age=15768000

Redirect headers

server
nginx/1.14.2
date
Wed, 18 Aug 2021 04:48:01 GMT
content-type
text/html
content-length
185
location
https://pay.qrticket.in.ua/
strict-transport-security
max-age=15768000
core.min.css
pay.qrticket.in.ua/bitrix/js/main/core/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://pay.qrticket.in.ua/bitrix/js/main/core/css/core.min.css?15599881202854
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
baa83d723fdcca5fe346bcd2b5e774975daabc44ab9c0a2643b965e2eea6441b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/js/main/core/css/core.min.css?15599881202854
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 08 Jun 2019 10:02:00 GMT
server
nginx/1.14.2
etag
W/"5cfb8798-b26"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
page_e33a20edc6d39df8674508ade849e4c1_v1.css
pay.qrticket.in.ua/bitrix/cache/css/s1/qrticket/page_e33a20edc6d39df8674508ade849e4c1/
770 B
609 B
Stylesheet
General
Full URL
https://pay.qrticket.in.ua/bitrix/cache/css/s1/qrticket/page_e33a20edc6d39df8674508ade849e4c1/page_e33a20edc6d39df8674508ade849e4c1_v1.css?1613227519770
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
131589786bc20b288db3fce5e51e8cc5ac4e406434d6626ee07157c779542536
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/cache/css/s1/qrticket/page_e33a20edc6d39df8674508ade849e4c1/page_e33a20edc6d39df8674508ade849e4c1_v1.css?1613227519770
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 14:45:19 GMT
server
nginx/1.14.2
etag
W/"6027e5ff-302"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
core.min.js
pay.qrticket.in.ua/bitrix/js/main/core/
227 KB
80 KB
Script
General
Full URL
https://pay.qrticket.in.ua/bitrix/js/main/core/core.min.js?1571680974232035
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
082854ebf8be85c418e4b1619c6f35d46e5912364f56b7ed997affc9bf6d64da
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/js/main/core/core.min.js?1571680974232035
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 18:02:54 GMT
server
nginx/1.14.2
etag
W/"5dadf2ce-38a63"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
script.js
pay.qrticket.in.ua/bitrix/js/twim.recaptchafree/
4 KB
2 KB
Script
General
Full URL
https://pay.qrticket.in.ua/bitrix/js/twim.recaptchafree/script.js?15599881254421
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
40a8f997f0fc8d8ae32685cc368abe8a94f5e0d0312b6265afb26587332364e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/js/twim.recaptchafree/script.js?15599881254421
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 08 Jun 2019 10:02:05 GMT
server
nginx/1.14.2
etag
W/"5cfb879d-1145"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
api.js
www.google.com/recaptcha/
914 B
666 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadRecaptchafree&render=explicit&hl=ua
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe1088752c3381c3fd46c96435f9bf0019ae2cf2c1026007aa49a52a0fb9bda9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Wed, 18 Aug 2021 04:48:01 GMT
css
fonts.googleapis.com/
3 KB
615 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3053185fbbec232aa3a5500b1f4617bf459573930dbcdb0246ec472dd73de5fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 03:47:11 GMT
server
ESF
date
Wed, 18 Aug 2021 04:48:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 04:48:01 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/
36 KB
36 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 01:45:21 GMT
x-content-type-options
nosniff
age
10960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36536
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 01:45:21 GMT
public.css
pay.qrticket.in.ua/bitrix/templates/qrticket/css/
56 KB
11 KB
Stylesheet
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/public.css?1629262081
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
801cc513e4b57aab6c91b58a8bb5dd463e439888bb0ae438239f8fde1b803c14
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/css/public.css?1629262081
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 16:58:16 GMT
server
nginx/1.14.2
etag
W/"60d4b9a8-e08a"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
harita.css
pay.qrticket.in.ua/bitrix/templates/qrticket/css/
1 KB
861 B
Stylesheet
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/harita.css?1629262081
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
40ccb0c56aae84ba6613ea22d5d84fe6d3565492a6bf2e51318e00590fdab472
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/css/harita.css?1629262081
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 28 Apr 2021 16:04:19 GMT
server
nginx/1.14.2
etag
W/"60898783-539"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
8bb2c32529.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/8bb2c32529.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760f09d5bd897c7320a4dfd011f0097ee725f53d13d25a03d88da5d1b4a1360f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
HIT
age
42
strict-transport-security
max-age=31536000; preload
x-request-id
Fohdrv95VD5LAaKeEdVC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
680881e7be3c4a7a-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2148
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 04:12:13 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/
248 KB
248 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:14:07 GMT
x-content-type-options
nosniff
age
16434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253668
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:14:07 GMT
svg-pan-zoom.min.js
cdn.jsdelivr.net/npm/svg-pan-zoom@3.6.0/dist/
29 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/svg-pan-zoom@3.6.0/dist/svg-pan-zoom.min.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
78aea209182119230c6173b65f1a834c040ef5c0a99bbe36af1178d95eef0f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
686303
x-jsd-version
3.6.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8273
etag
W/"74c0-4Lq9xomXy2Fo7PRVVn0Z5avHbSA"
x-served-by
cache-fra19181-FRA
x-jsd-version-type
version
date
Wed, 18 Aug 2021 04:48:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
hammer.min.js
cdn.jsdelivr.net/npm/hammerjs@2.0.8/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/hammerjs@2.0.8/hammer.min.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
535454
x-jsd-version
2.0.8
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
7346
etag
W/"511d-2r+t5mVqEBjQZbXzZz9BVKr3qLo"
x-served-by
cache-fra19181-FRA
x-jsd-version-type
version
date
Wed, 18 Aug 2021 04:48:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
datepicker-ru.js
pay.qrticket.in.ua/bitrix/templates/qrticket/js/
1 KB
1 KB
Script
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/js/datepicker-ru.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
380037d70f1d96d815421f9c7d008838b26e4c97cfa290b079a57639e401aa1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/js/datepicker-ru.js
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Aug 2019 12:20:11 GMT
server
nginx/1.14.2
etag
W/"5d481efb-589"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
module.sepet.js
pay.qrticket.in.ua/bitrix/templates/qrticket/js/
17 KB
6 KB
Script
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/js/module.sepet.js?1629262081
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
c62829fc68da0d0d892ef022ce65c5198177c38ec356c5f67b9aee0f397f4b03
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/js/module.sepet.js?1629262081
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 15:38:54 GMT
server
nginx/1.14.2
etag
W/"60d4a70e-44b4"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
module.harita.js
pay.qrticket.in.ua/bitrix/templates/qrticket/js/
9 KB
3 KB
Script
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/js/module.harita.js?1629262081
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
a2f5e7bfc8346b1d752b15b91879754fbb36d3a6ff621ee93ab1e537046e80b2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/js/module.harita.js?1629262081
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Jul 2021 10:35:47 GMT
server
nginx/1.14.2
etag
W/"60fe9003-23ed"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
public.js
pay.qrticket.in.ua/bitrix/templates/qrticket/js/
2 KB
1009 B
Script
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/js/public.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
ba2fa6575d290e76c9c3a51039dfc7ae4d0f5ba8c8195a8dc09095b18b646a58
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/js/public.js
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Dec 2019 10:48:21 GMT
server
nginx/1.14.2
etag
W/"5df0c975-70c"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
expires
Fri, 17 Sep 2021 04:48:01 GMT
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
9 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Origin
https://pay.qrticket.in.ua
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
RY3GA5K6KQJHMZPN
x-amz-id-2
WAuCsOIENIWZIiXtR1eFZFGoVdF9c6kDAW7IjYynQqqjFMgOOwyPZ8jiBA/crOV9hPJ8Z4/CHA0=
last-modified
Wed, 30 Jun 2021 15:27:31 GMT
server
cloudflare
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INiI3BpRN1Ykwq0wYifH590I7clUfXlGz%2BrMEg72k2nrrX9JCOUuJSDnQRmK3yjWPEIQmojxgLAfsZSe3D8Xg10yMXwBZoTu0sY4C2mo%2BweflkOwE%2Fh4Hs7o49fMdOfLjwQZX78LvTb0kkbUELvhgcSt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
680881e7b89fc2e0-FRA
logo.png
pay.qrticket.in.ua/bitrix/templates/qrticket/images/
8 KB
8 KB
Image
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/images/logo.png
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
2415a7077ad33a2f00fb24dad358a39477e0d3440db49158865931bba7c4afd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/images/logo.png
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
last-modified
Sat, 08 Jun 2019 10:27:05 GMT
server
nginx/1.14.2
etag
"5cfb8d79-2046"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
8262
expires
Fri, 17 Sep 2021 04:48:01 GMT
mobile-meny.png
pay.qrticket.in.ua/bitrix/templates/qrticket/images/
143 B
419 B
Image
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/images/mobile-meny.png
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
ccc5ed4bcfe99b08fb38fabeb269900eb0fde65a84a9347e8fbe6d5666460044
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/images/mobile-meny.png
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
last-modified
Sat, 08 Jun 2019 10:01:47 GMT
server
nginx/1.14.2
etag
"5cfb878b-8f"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
143
expires
Fri, 17 Sep 2021 04:48:01 GMT
logo-footer4.jpg
pay.qrticket.in.ua/bitrix/templates/qrticket/images/
8 KB
8 KB
Image
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/images/logo-footer4.jpg
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
0d450d3485bfccdb586e70ba26d890ba900cf3efcdea34bccdad5a17c489e92e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/images/logo-footer4.jpg
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 09:31:47 GMT
server
nginx/1.14.2
etag
"5d679b83-1e06"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
7686
expires
Fri, 17 Sep 2021 04:48:01 GMT
logo-footer5.jpg
pay.qrticket.in.ua/bitrix/templates/qrticket/images/
8 KB
8 KB
Image
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/images/logo-footer5.jpg
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
cc3d73d2397646ddaf15e6f2541dd6c7da5f259059881eb6d4ca64ec0e87fb63
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/images/logo-footer5.jpg
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Aug 2019 09:32:29 GMT
server
nginx/1.14.2
etag
"5d679bad-1f0a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
7946
expires
Fri, 17 Sep 2021 04:48:01 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/
341 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchafree&render=explicit&hl=ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pay.qrticket.in.ua
Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136003
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 09:02:09 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 12:41:38 GMT
ba.js
bitrix.info/
7 KB
3 KB
Script
General
Full URL
https://bitrix.info/ba.js
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-84.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.1 /
Resource Hash
897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 04:48:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 May 2021 09:38:38 GMT
Server
nginx/1.10.1
ETag
W/"60a4dc9e-1a03"
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Connection
keep-alive
Content-Type
application/javascript
Content-Length
3008
Expires
Fri, 20 Aug 2021 04:48:01 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=8bb2c32529
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8bb2c32529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvDm0JJjmXYXHiOe3j%2B%2F87UcDEIoTPxqb2SFHEIs3hsbzXOdXneyqhyftZ6m81ejswxmTWcq%2B4eKqNrwSiDxFs%2BGDYZXHEdldIkb0xTXiZwctwcaJS1SwhbQcFDsgdoJhrUiFsbmPeXqSGjU5o92g%2BPbvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA2-C1
cf-ray
680881e8b80d4a6d-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
ZmaWr7fBhz3S8sWeVGhrRLb78HZPba_5g6p_hj9yze7VBy_xXdbogg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=8bb2c32529
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8bb2c32529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzLb%2B308q%2FNE1uHNm8TGrObVEswsr0PZcgbksjJjOfO4euxqnawCFfBiVX6P88KcwsnTgf6GgpGFPJVQ2gWzfUKMVlSTbGr9yUwOwrYs7y%2B%2FP1tKUD44JuzfGVGsGTxfAbKlCQzFCu9IoIL3xVVuzRXORw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA2-C1
cf-ray
680881e8b8114a6d-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
oWowBOG56IQoiZ3beCOMwG5kJD804jAFz-OFNb0PtWUyz6P0eNTOsg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.3/css/
3 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=8bb2c32529
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8bb2c32529.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Wed, 17 Mar 2021 02:23:57 GMT
server
cloudflare
etag
W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzjQEZV9F7eGk1ohgCIsrs6RxtK3TcqZVG0lDUNwV8cx1TS%2BH8uhDhO8tHHkN67MjHZcBIZOzG6EG4OBGj2MHGXPLIkdcQpYuGlh0B7M9v9f0cPBGWl6fjnvDTnTv6ydpfPSu0RyHsg9DXDf5rMTkDqnYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
FRA2-C1
cf-ray
680881e8b8124a6d-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
fzrwUbBH2RwMznYIRUmpnm6aTqjUoEweGOr7qsiD_V248_M2wfeiHg==
cart.png
pay.qrticket.in.ua/bitrix/templates/qrticket/images/
926 B
1 KB
Image
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/images/cart.png
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/public.css?1629262081
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
323d1de5a5fa6652398518d1c53a4d8f1e4af052eaa8334e82a6f6ba47fb0a10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/images/cart.png
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/public.css?1629262081
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Aug 2019 08:36:50 GMT
server
nginx/1.14.2
etag
"5d4a8da2-39e"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
926
expires
Fri, 17 Sep 2021 04:48:01 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v12/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea7c08207bf016c414051b132152afb005bfd6cd3382b95987fb70ee6a96e2db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pay.qrticket.in.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 07:42:49 GMT
x-content-type-options
nosniff
age
75912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29880
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 07:42:49 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pay.qrticket.in.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:31:00 GMT
x-content-type-options
nosniff
age
101821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:31:00 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v12/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86de45c48686f20bcd29801c5deee8e780ac3661a0355e90c256980d764771ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pay.qrticket.in.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 05:12:20 GMT
x-content-type-options
nosniff
age
84941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28564
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 05:12:20 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://pay.qrticket.in.ua
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 05:37:01 GMT
x-content-type-options
nosniff
age
83460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 05:37:01 GMT
ajax_counter.php
pay.qrticket.in.ua/bitrix/tools/conversion/
4 B
571 B
XHR
General
Full URL
https://pay.qrticket.in.ua/bitrix/tools/conversion/ajax_counter.php
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
db8b8e836881534b3e62cf633db64f28af421e09feaae85bd3f3249912053c65
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://pay.qrticket.in.ua
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
content-length
64
:path
/bitrix/tools/conversion/ajax_counter.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded
accept
*/*
cache-control
no-cache
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.2.34
x-powered-cms
Bitrix Site Manager (d0052ed61ad60db8853790af9d05b276)
strict-transport-security
max-age=15768000
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
no-store, no-cache, must-revalidate
set-cookie
BITRIX_CONVERSION_CONTEXT_s1=%7B%22ID%22%3A2%2C%22EXPIRE%22%3A1629320340%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D; expires=Thu, 18-Aug-2022 04:48:01 GMT; Max-Age=31536000; path=/
content-type
text/html; charset=UTF-8
vary
HTTPS
content-length
4
expires
Thu, 19 Nov 1981 08:52:00 GMT
jsonBasketGet.php
pay.qrticket.in.ua/api/
88 B
494 B
XHR
General
Full URL
https://pay.qrticket.in.ua/api/jsonBasketGet.php
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/bitrix/templates/qrticket/js/module.sepet.js?1629262081
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
c3f396537f9121c8e0252fffb7dd0d62eef24fbea66a7df16a74e3345b8a45f7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/api/jsonBasketGet.php
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
server
nginx/1.14.2
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.2.34
x-powered-cms
Bitrix Site Manager (d0052ed61ad60db8853790af9d05b276)
vary
HTTPS
p3p
policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=15768000
content-type
application/json
content-length
88
expires
Thu, 19 Nov 1981 08:52:00 GMT
checkboxx.png
pay.qrticket.in.ua/bitrix/templates/qrticket/images/
290 B
566 B
Image
General
Full URL
https://pay.qrticket.in.ua/bitrix/templates/qrticket/images/checkboxx.png
Requested by
Host: pay.qrticket.in.ua
URL: https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/public.css?1629262081
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.48.118.201.138.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
ee2e14d2c0ab5406ab53fb44e64924b17e60817d94cc5b867b212538aa02014e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/bitrix/templates/qrticket/images/checkboxx.png
pragma
no-cache
cookie
PHPSESSID=kp0r1b4b158rejfe5d6qvtru8v
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
pay.qrticket.in.ua
referer
https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/public.css?1629262081
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://pay.qrticket.in.ua/bitrix/templates/qrticket/css/public.css?1629262081
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:48:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 10:03:23 GMT
server
nginx/1.14.2
etag
"5d5a73eb-122"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
290
expires
Fri, 17 Sep 2021 04:48:01 GMT
bx_stat
bitrix.info/
42 B
541 B
XHR
General
Full URL
https://bitrix.info/bx_stat
Requested by
Host: bitrix.info
URL: https://bitrix.info/ba.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-84.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.1 /
Resource Hash
f53aff37ef06bfceb82157545fe9973bd5ed12284eece9ea1f297d1be8fd5c2a

Request headers

Referer
https://pay.qrticket.in.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Wed, 18 Aug 2021 04:48:01 GMT
Server
nginx/1.10.1
ETag
2e65b11e47d8e846aad55a7edd53748b
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Access-Control-Allow-Origin
https://pay.qrticket.in.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Content-Length
42

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| BX object| babelHelpers object| regeneratorRuntime object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _main_core_polyfill object| Recaptchafree function| RecaptchafreeSubmitForm function| onloadRecaptchafree object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _ba object| FontAwesomeKitConfig function| $ function| jQuery function| svgPanZoom function| Hammer object| sepet object| kutu object| kronometre object| harita object| recaptcha object| tum function| _ba_punycode object| _baq

2 Cookies

Domain/Path Name / Value
pay.qrticket.in.ua/ Name: BITRIX_CONVERSION_CONTEXT_s1
Value: %7B%22ID%22%3A2%2C%22EXPIRE%22%3A1629320340%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
pay.qrticket.in.ua/ Name: PHPSESSID
Value: kp0r1b4b158rejfe5d6qvtru8v

1 Console Messages

Source Level URL
Text
console-api log URL: https://pay.qrticket.in.ua/bitrix/templates/qrticket/js/module.sepet.js?1629262081(Line 156)
Message:
undefined

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
