pay-for-tickets.online Open in urlscan Pro
2606:4700:3033::6815:8b9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response pay-for-tickets.online/	3 KB 2 KB	148ms 125ms	Document text/html	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0a9b6e3e93016c399ab905d1059638c192dc1ee8f9d46a1cfa418d02dc8409b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dab1c67ad0c928d-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 30 Oct 2024 11:37:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Fd%2BwizyF3IoAdrqrAisMivzcvPhI8sI%2FjT4RjbIUH0OMwOrqVFwOUMLdoR5q%2B0caKiJjWk89pecChKXNglCtYThFEBisDlCTEIb7oUX9hEpvQj4XN4Anm2b5UaDyefCVDcgNnKYuxpaAu%2FGBtYI%2F%2BOtq9zJ"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=6323&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4166&recv_bytes=4431&delivery_rate=900&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=130&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/	58 KB 11 KB	43ms 26ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5f7b5b5f-e7d0" age 587441 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hTCIhjN%2B3WDSXe8wZG9bl2Z%2FZj4uH%2FhpbR%2BbrtBnWK7KBVjze6QO%2FXN04Uzw7jgCDzoCIqJb5NqdRuw1LgfX0AYtektc4LGDuB96UEYi7Q9kMLThx37jLdgm1eHEHZ7%2Bd8aEM7CW2Jx8rs64%2FpH%2BQcet"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Mon, 20 Oct 2025 11:37:01 GMT alt-svc h3=":443"; ma=86400 date Wed, 30 Oct 2024 11:37:01 GMT content-type text/css; charset=utf-8 last-modified Mon, 05 Oct 2020 17:43:59 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8dab1c689b2c91fb-FRA accept-ranges bytes access-control-allow-origin * content-length 10491 server cloudflare
GET H3	200	style.css pay-for-tickets.online/src/	50 KB 8 KB	116ms 115ms	Stylesheet text/css	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/src/style.css Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94ff1ec4de7a4ef299395710bfa64b646ec1c724b7ea2f3f121b6a022ba4fd62 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers content-encoding br cf-cache-status MISS etag W/"c91e-67221920-a54a0;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MbjoGMcazUmlv%2BgWakPuqx1u4ECvUbvE41Nm64%2Ft%2B7TwO2fRpae8kxZLhPTQvEUvD0osRQ1rp5IMsOYLZ9Ki2dYT1kT1eyrNO0LCoIkcfpNOs0Zl4aub9chN9mmTPFAgTyqgJ5Piu%2B%2Bl2stw6BIij4zwz%2BN"}],"group":"cf-nel","max_age":604800} expires Wed, 06 Nov 2024 11:37:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6380&sent=14&recv=14&lost=0&retrans=0&sent_bytes=5779&recv_bytes=5384&delivery_rate=234267&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=252&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 30 Oct 2024 11:37:01 GMT content-type text/css last-modified Wed, 30 Oct 2024 11:31:44 GMT vary Accept-Encoding priority u=0,i=?0 cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dab1c688dd8928d-FRA server cloudflare
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 31 KB	32ms 7ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers content-encoding gzip etag W/"28feccc0-15d9d" age 4239679 x-cache HIT, HIT date Wed, 30 Oct 2024 11:37:01 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-cache-hits 8, 373307 x-served-by cache-lga21931-LGA, cache-fra-eddf8230077-FRA vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1730288222.547042,VS0,VE0 cross-origin-resource-policy cross-origin via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 30875 server nginx
GET H2	200	socket.io.js Show response shardpay.online/socket.io/	132 KB 31 KB	400ms 350ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://shardpay.online/socket.io/socket.io.js Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 872d75af9af5c71169438edd981fd867f35bcea9bc17a9806f20fecb7822d481 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag "4.7.4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVhCM2x%2FiPsWZ7fmwnBzLVSW%2BR%2BrH1aWya6ZmB3img68D9iXGMulFTV%2BcDTcoMrZc53iunepNOdQBRDzOq9eFPnd9ctvX0JAGDMlX1UgePIYWWpd8%2BgWcXVavbxdRTYdE%2BpjM2KTSn%2BXNhUK3rk%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dab1c68d8e8d26d-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=6205&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4048&recv_bytes=2286&delivery_rate=566956&cwnd=254&unsent_bytes=0&cid=d9cf06dd76770eb3&ts=358&x=0" date Wed, 30 Oct 2024 11:37:01 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding server cloudflare
GET H3	200	templates225.js Show response pay-for-tickets.online/	23 KB 3 KB	115ms 114ms	Script text/javascript	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/templates225.js Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24c4da782611bf364976cebe46c2f640ddb3a24c826ee293c5f7902337d5bb35 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"5d72-6722191e-a5499;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhIquJIB0GrAID1luruAT4XJ3BMNeJCjgSWtJkkdMq5JQRrCJ7y%2F9USzie6dDk%2FfwsPtxz6dh5d%2BBiv2%2BvQx9C4PhKolSkyJrfaij9cCYMzcBXLZMTE0svDMwfy%2FZsFHKME9NUP8eIlRNuCwfdRU%2B3py9LoG"}],"group":"cf-nel","max_age":604800} cf-ray 8dab1c688dda928d-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6380&sent=21&recv=14&lost=0&retrans=0&sent_bytes=14172&recv_bytes=5384&delivery_rate=234267&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=253&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 30 Oct 2024 11:37:01 GMT content-type text/javascript last-modified Wed, 30 Oct 2024 11:31:42 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	main2.js Show response pay-for-tickets.online/	9 KB 3 KB	120ms 120ms	Script text/javascript	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/main2.js Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a494416ef2bcd728885b314fcd343f2ae51c1a71aae697131c0ed2e1c11be8c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS etag W/"2231-6722191d-a5496;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lD%2FG0oyc0bCElamJQ%2BKjujpRzuQWlnJA5FRAl4o53%2BvgPUSZjvwsfKyVADzN0KLDhNL1Ues8nq%2Bq%2Ff%2B74NcxV5Nw%2Bsi6%2ByObEVc4mTlX%2FAKFMTM7H7JPvImBD5wZlOYOMsYKwTZh7E1XJoLV0czKbi9a3XwP"}],"group":"cf-nel","max_age":604800} cf-ray 8dab1c688ddd928d-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6380&sent=24&recv=14&lost=0&retrans=0&sent_bytes=17605&recv_bytes=5384&delivery_rate=234267&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=256&x=1", cfExtPri, cfHdrFlush;dur=3 date Wed, 30 Oct 2024 11:37:01 GMT content-type text/javascript last-modified Wed, 30 Oct 2024 11:31:41 GMT vary Accept-Encoding priority u=1,i=?0
GET H2	200	aCgCeNhrAr Show response code.jivo.ru/widget/	17 KB 6 KB	480ms 57ms	Script application/javascript	2a13:1ec0::1037 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivo.ru/widget/aCgCeNhrAr Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash 817e2572314fdae52d4603f9c6d034e2da93a2fd0a0ffc322f59659ef1087723 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers cache STALE x-geo-shard sber1 content-encoding br etag "6718c736-17ac" expires Wed, 23 Oct 2024 14:36:43 GMT date Wed, 30 Oct 2024 11:37:02 GMT content-type application/javascript x-node m9-up-gc5 vary Accept-Encoding last-modified Wed, 23 Oct 2024 09:51:50 GMT cache-control max-age=7200 via 1.1 sharxy accept-ranges bytes access-control-allow-origin * content-length 6060 x-cached-since 2024-10-30T09:22:48+00:00 server nginx
GET H2	200	css2 fonts.googleapis.com/	3 KB 1 KB	40ms 16ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Geologica&display=swap Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/src/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 29296570ce52fc8a9487b1a1f82099ebc92453704d8a4cb7d89b72127d5d36c6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 30 Oct 2024 11:37:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 30 Oct 2024 11:37:01 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 30 Oct 2024 11:34:03 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	check_status.php Show response pay-for-tickets.online/	45 B 728 B	66ms 66ms	Fetch application/json	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/check_status.php?trans_id=null Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/main2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb5d1c940db5f905c789b3a33a8d051eee28ecea9010a28a87d07b007ba7c256 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LiLUkPU4cZrD9asZi0G2CxRBdQoMCRcKb23c2ER2i8lVZZRbhlGoIRnt1fDb45p%2BciHOiOWRKLB1TXgs557H1dxary%2BVHFBb6b14d9qWysaoj53hfOAhravw0RoDsrbmtlmzzvUBS5U1AjJpsvqvyuG8eO9L"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, OPTIONS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6534&sent=28&recv=22&lost=0&retrans=0&sent_bytes=20604&recv_bytes=6001&delivery_rate=502171&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=615&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 30 Oct 2024 11:37:01 GMT content-type application/json; charset=utf-8 vary Accept-Encoding priority u=1,i access-control-allow-headers Content-Type nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dab1c6b1857928d-FRA access-control-allow-origin * content-length 65 server cloudflare
GET H3	200	oY1o8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckU8H3G11_z-_OZqDx_rc-QSAA.woff2 fonts.gstatic.com/s/geologica/v1/	14 KB 14 KB	25ms 8ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/geologica/v1/oY1o8evIr7j9P3TN9YwNAdyjzUyDKkKdAGOJh1UlCDUIhAIdhCZOn1fLsig7jfvCCPHZckU8H3G11_z-_OZqDx_rc-QSAA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Geologica&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa7f06b5f3cb598cb6237967c694e59afc160a914bfc8c34d95138de4759a11b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://pay-for-tickets.online Referer https://fonts.googleapis.com/ Response headers age 80237 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 29 Oct 2025 13:19:44 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 29 Oct 2024 13:19:44 GMT last-modified Tue, 30 May 2023 20:37:57 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 14468 x-xss-protection 0 server sffe
GET H2	200	aCgCeNhrAr Show response code.jivo.ru/script/widget/config/	4 KB 2 KB	244ms 119ms	XHR application/x-javascript	2a13:1ec0::1037 EDGEAMLLC
General Check archive.org Show headers Download Go to Full URL https://code.jivo.ru/script/widget/config/aCgCeNhrAr Requested by Host: code.jivo.ru URL: https://code.jivo.ru/widget/aCgCeNhrAr Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM), Reverse DNS Software nginx / Resource Hash f51b11ef038d060b8f98567ca0267f0ad6603219db03ee03979b2a5e52cfa03a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers cache HIT cache-control max-age=7200 x-geo-shard sber1 content-encoding gzip via 1.1 sharxy expires Wed, 30 Oct 2024 13:27:48 GMT accept-ranges bytes access-control-allow-origin * content-length 1706 date Wed, 30 Oct 2024 11:37:02 GMT content-type application/x-javascript vary Accept-Encoding server nginx x-cached-since 2024-10-30T11:27:48+00:00 x-node m9-up-gc234
GET H3	404	favicon.ico pay-for-tickets.online/	1 KB 1 KB	105ms 105ms	Other text/html	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers cache-control private, no-cache, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status BYPASS pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPHbrtVMHZz%2BPhVJQh7pIVRexMdy1xnuRi05XVgR8tLY7LOOgbroIGpHRl2EpbJrxzv7leNvKrdwYFwSA%2BMZj5tU%2FaPr08NnfitO6n%2BE1bmvF3o%2Bw%2F7s0OXfqeBnXdDp4XJSVgXKgryqx%2Bg%2B7SJP5KtmlRg9"}],"group":"cf-nel","max_age":604800} cf-ray 8dab1c6c99d8928d-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6588&sent=30&recv=24&lost=0&retrans=0&sent_bytes=21379&recv_bytes=6399&delivery_rate=8278&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=895&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 30 Oct 2024 11:37:02 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i
GET		aCgCeNhrAr node-sber1-az1-24.jivosite.com/widget/status/2522571/	0 0
GET H3	200	check_status.php Show response pay-for-tickets.online/	45 B 734 B	65ms 65ms	Fetch application/json	2606:4700:3033::6815:8b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pay-for-tickets.online/check_status.php?trans_id=null Requested by Host: pay-for-tickets.online URL: https://pay-for-tickets.online/main2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:8b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb5d1c940db5f905c789b3a33a8d051eee28ecea9010a28a87d07b007ba7c256 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://pay-for-tickets.online/ Response headers content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q8DjyJDtzD6w70%2FAbhWG6gpyRYL1X0suSXEQy6LIKHpim44E6iRebR9wPnpBYG9DHaocyfswOkgTyj%2Fa6aMk4SSy6Y9LV5Q4IDtGGSvqK2ovyZJXwPwnjXva%2Bikmuxjo0MoHRVGnDBa44ydVEemMZzP4sNT"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET, OPTIONS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6500&sent=34&recv=27&lost=0&retrans=0&sent_bytes=22768&recv_bytes=6801&delivery_rate=13191&cwnd=12000&unsent_bytes=0&cid=0d9bea3abd98b898&ts=3613&x=1", cfExtPri, cfHdrFlush;dur=0 date Wed, 30 Oct 2024 11:37:04 GMT content-type application/json; charset=utf-8 vary Accept-Encoding priority u=1,i access-control-allow-headers Content-Type nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dab1c7dd8b7928d-FRA access-control-allow-origin * content-length 65 server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

node-sber1-az1-24.jivosite.com

URL

https://node-sber1-az1-24.jivosite.com/widget/status/2522571/aCgCeNhrAr?rnd=0.3398526349096347

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| io object| serverData object| cardValidation function| initializeCardInputs function| initializeCodeInput function| updateContent function| checkStatus function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pay-for-tickets.online/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jivo.ru
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
node-sber1-az1-24.jivosite.com
pay-for-tickets.online
shardpay.online
node-sber1-az1-24.jivosite.com
2606:4700:3033::6815:8b9
2606:4700::6811:190e
2a00:1450:4001:80f::2003
2a00:1450:4001:830::200a
2a04:4e42:400::649
2a06:98c1:3120::3
2a13:1ec0::1037
1a494416ef2bcd728885b314fcd343f2ae51c1a71aae697131c0ed2e1c11be8c
24c4da782611bf364976cebe46c2f640ddb3a24c826ee293c5f7902337d5bb35
29296570ce52fc8a9487b1a1f82099ebc92453704d8a4cb7d89b72127d5d36c6
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
817e2572314fdae52d4603f9c6d034e2da93a2fd0a0ffc322f59659ef1087723
872d75af9af5c71169438edd981fd867f35bcea9bc17a9806f20fecb7822d481
94ff1ec4de7a4ef299395710bfa64b646ec1c724b7ea2f3f121b6a022ba4fd62
a0a9b6e3e93016c399ab905d1059638c192dc1ee8f9d46a1cfa418d02dc8409b
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
bb5d1c940db5f905c789b3a33a8d051eee28ecea9010a28a87d07b007ba7c256
f51b11ef038d060b8f98567ca0267f0ad6603219db03ee03979b2a5e52cfa03a
fa7f06b5f3cb598cb6237967c694e59afc160a914bfc8c34d95138de4759a11b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e