ticket.fleetexpress.me Open in urlscan Pro
176.124.212.177 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ticket.fleetexpress.me/
Effective URL:
https://ticket.fleetexpress.me/login
Submission: On March 04 via automatic, source certstream-suspicious (March 4th 2024, 6:16:02 am UTC) — Scanned from NL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 176.124.212.177, located in Netherlands and belongs to VDSINA, AE. The main domain is ticket.fleetexpress.me.
TLS certificate: Issued by R3 on March 4th 2024. Valid for: 3 months.

This is the only time ticket.fleetexpress.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	176.124.212.177 176.124.212.177	216071 (VDSINA) (VDSINA)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.232.195.40 18.232.195.40	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:e6:... 2606:4700:e6::ac40:cf26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.83.26.42 54.83.26.42	14618 (AMAZON-AES) (AMAZON-AES)
12	6

3 176.124.212.177 (Netherlands) 1 redirects

ASN216071 (VDSINA, AE)
PTR: ticket24.pro

ticket.fleetexpress.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.195.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: web1.bitrix24.com

api.bitrix24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:cf26 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.83.26.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-26-42.compute-1.amazonaws.com

cdn.bitrix24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acs-techs.bitrix24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	bitrix24.com api.bitrix24.com cdn.bitrix24.com — Cisco Umbrella Rank: 193222 acs-techs.bitrix24.com	614 KB
3	fleetexpress.me 1 redirects ticket.fleetexpress.me	19 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	25 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	89 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 973	12 KB
12	5

	Domain	Requested by
3	ticket.fleetexpress.me	1 redirects ticket.fleetexpress.me
2	acs-techs.bitrix24.com	ticket.fleetexpress.me
2	cdn.bitrix24.com	ticket.fleetexpress.me cdn.bitrix24.com
2	cdn.jsdelivr.net	ticket.fleetexpress.me
2	cdnjs.cloudflare.com	ticket.fleetexpress.me
1	use.fontawesome.com	ticket.fleetexpress.me
1	api.bitrix24.com	ticket.fleetexpress.me
12	7

This site contains no links.

Subject Issuer	Validity	Valid
ticket.fleetexpress.me R3	`2024-03-04` - `2024-06-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.bitrix24.com Go Daddy Secure Certificate Authority - G2	`2023-11-19` - `2024-12-20`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ticket.fleetexpress.me/login
Frame ID: 693D1490058497D474AFBD8C1600FFF2
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ticketing system login

Page URL History Show full URLs

https://ticket.fleetexpress.me/ HTTP 302
https://ticket.fleetexpress.me/login Page URL

Detected technologies

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

758 kB
Transfer

5083 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ticket.fleetexpress.me/ HTTP 302
https://ticket.fleetexpress.me/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
ticket.fleetexpress.me/
Redirect Chain

https://ticket.fleetexpress.me/
https://ticket.fleetexpress.me/login

4 KB
2 KB

26ms
25ms

Document
text/html

176.124.212.177
VDSINA

General

Check archive.org

Show headers Download Go to

Full URL: https://ticket.fleetexpress.me/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.124.212.177 , Netherlands, ASN216071 (VDSINA, AE),
Reverse DNS: ticket24.pro
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 9394acdd697473d51c47b64766657395297a3f9267ba706d63efd2fe05a4869f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Mar 2024 06:15:57 GMT
ETag: W/"10a1-CLrvx5ofiMFnoSTKkvUBRqt2hzA"
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 56
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Mar 2024 06:15:57 GMT
Location: /login
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept
X-Powered-By: Express

GET
H2 200 tailwind.min.css
cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/ 3 MB
72 KB 62ms
24ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/2.2.19/tailwind.min.css

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 312088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 72803
last-modified: Fri, 29 Oct 2021 15:08:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "617c0e65-11c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BZGD9pUBTA5ADVlZ01on5Aa%2F%2BSxJzD4vhm5LIjYijx%2BDrufp22F8ynK%2B5a0CmukfdwCT51VUu0Utg0jXZSDpHICLewrw8UT5JxDP3BJUtfblaA1wShTPgam6HD198szt%2FTRQuSwEPWs0%2Bp6S7wAV2rL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85efbc196b550eaf-AMS
expires: Sat, 22 Feb 2025 06:15:57 GMT

GET
H2 200 alpine.min.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/ 26 KB
9 KB 74ms
37ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/alpine.min.js

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8378931
x-jsd-version: 2.8.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA, cache-ams21045-AMS
x-jsd-version-type: version
server: cloudflare
etag: W/"6964-M33llwtEtRbUwMPPG0SKpWL3vX8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diM6vdpPDhaT5HBdKj%2B6V6GB7np78WYFpbukzVRLjs%2FtluM7LC6TouBXjV9hoG%2F1SNgF%2BK7AsVa4VpWqsLFbcsdRKpBzO1ksaHb0VfMcEu76gOPyFCE5TdLOX8KvoWLjFwJb6M8sDj1tLGhB7kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85efbc196b596561-AMS

GET
H2 200 axios.min.js Show response
cdn.jsdelivr.net/npm/axios/dist/ 40 KB
16 KB 65ms
28ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3434b67595c68071824e142d077ce7e105d40ac40b15164896d11e54078d0213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11453
x-jsd-version: 1.6.7
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220107-FRA, cache-lga21920-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"a025-pU1dreb3BCFPYYTIFZJhWMD8IeA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEUcUjzNIvfYOGZiwnvTyGGuiyX9R540r9QwJbGx67sQc2vXsWsT%2BVcCM7KhETogIgaooAOeFRPKs2DTKmSKrlHy0%2Fl2Q14SGwKd2CF%2FNjBpJ8zf12NaWlCCTS7Sd2hNhxHhwBaboPBijpvD0qA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85efbc196b576561-AMS

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.2/ 57 KB
17 KB 60ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.2/moment.min.js

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87c242de506efe4c3f71de5ce044e2c71ee285c885afe6675ed36a5c8284b3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8291722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16779
last-modified: Sun, 03 Apr 2022 16:03:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6249c56c-418b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyxkDlHjXhf%2BmRV3exKSpiKpOzcCoBbTnANS3thmZRhZNzIEkBZBBBq6GKADG1SWKIxxVmIoLPz1OSFo3kXVhwhuCpXc3zcDPM6aTDJnUypeXovy3DHvBb18RJtATFfdjJ7WwuF0DoyCdnDzEOKSPzuy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85efbc196b570eaf-AMS
expires: Sat, 22 Feb 2025 06:15:57 GMT

GET
H2 200 / Show response
api.bitrix24.com/api/v1/dev/ 26 KB
9 KB 335ms
102ms Script
application/javascript 18.232.195.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bitrix24.com/api/v1/dev/

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.232.195.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

web1.bitrix24.com

Software

nginx /

Resource Hash

78f124ae1e7c4245856462144524da83f2f020a6bc1a64abe250e7fe4185f992

Security Headers

Name	Value
Content-Security-Policy	default-src https: blob:; connect-src https: wss: blob:; font-src https: data:; frame-src https:; frame-ancestors 'self'; img-src https: blob: data:; media-src https: blob:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:57 GMT
content-security-policy: default-src https: blob:; connect-src https: wss: blob:; font-src https: data:; frame-src https:; frame-ancestors 'self'; img-src https: blob: data:; media-src https: blob:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:;
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 12:19:33 GMT
server: nginx
etag: W/"60db0fd5-696c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.1/css/ 52 KB
12 KB 208ms
162ms Stylesheet
text/css 2606:4700:e6::ac40:cf26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.1/css/all.css
Requested by: Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cf26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

Request headers

Referer: https://ticket.fleetexpress.me/
Origin: https://ticket.fleetexpress.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b8085bf2c839791244bd95f56fb93c01"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vz7ozP6I3iuWq22qRg4jgtdKBCWV3SttgyLmIPJmVhN4hyekc5xU%2BLudq7MrHJ1GO7C%2BPUnUr%2FD8c4212IG%2FpiBFZOQ1w%2B3pOgh2M7vlYbz54e3RxWjOJTVcNOCtf33WmVVQkNS4Eyr8EcesTV7G%2FXUj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 85efbc197bd71c1a-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK d69b0eeb780672134ae1bb03de7ba0fc.png
ticket.fleetexpress.me/uploads/ 16 KB
17 KB 37ms
37ms Image
image/png 176.124.212.177
VDSINA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticket.fleetexpress.me/uploads/d69b0eeb780672134ae1bb03de7ba0fc.png
Requested by: Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.124.212.177 , Netherlands, ASN216071 (VDSINA, AE),
Reverse DNS: ticket24.pro
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 7cae5afe53754dedfbd47207a5cc89b0f95a155b936fccc446b33cb6d5caf7b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 04 Mar 2024 06:15:57 GMT
Last-Modified: Mon, 26 Feb 2024 12:23:26 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"416f-18de55eb6c7"
Content-Type: image/png
Cache-Control: public, max-age=0, no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16751

GET
H2 200 loader_1_n9j9y0.js Show response
cdn.bitrix24.com/b14405401/crm/site_button/ 191 KB
54 KB 326ms
100ms Script
application/javascript 54.83.26.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitrix24.com/b14405401/crm/site_button/loader_1_n9j9y0.js?28492215
Requested by: Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.83.26.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-26-42.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 551ea1aa66ca05f93c9ef33f8d8d741cd536ec1e3870a9b8c0b79ed66df248c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:58 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 14:13:12 GMT
server: nginx
etag: W/"bf5373312a2e9ef5920dc7ecdf5cd360"
x-amz-server-side-encryption: AES256
content-type: application/javascript
cache-control: max-age=172800
x-bitrix-lb: lb-us-01
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=99000, tc2;dur=6750, tc3;dur=20
expires: Wed, 06 Mar 2024 06:15:58 GMT

GET
H2 200 call.tracker.js Show response
cdn.bitrix24.com/b14405401/crm/tag/ 30 KB
11 KB 115ms
115ms Script
application/javascript 54.83.26.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bitrix24.com/b14405401/crm/tag/call.tracker.js?28492215
Requested by: Host: cdn.bitrix24.com
URL: https://cdn.bitrix24.com/b14405401/crm/site_button/loader_1_n9j9y0.js?28492215
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.83.26.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-26-42.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f7eee7a6fbd7d7d14dad961ce0eafa295de2b776681b9eb8f4141702bfc9eacf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:58 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 17:45:17 GMT
server: nginx
etag: W/"0b5cd2bc43b3b8467567f5ffd9f62a58"
content-type: application/javascript
cache-control: max-age=2592000
x-bitrix-lb: lb-us-01
server-timing: t1;dur=0.013, t2;dur=0.013, t3;dur=0.000, tc1;dur=102125, tc2;dur=4000, tc3;dur=32
expires: Wed, 03 Apr 2024 06:15:58 GMT

GET
H2 200 styles.min.css
acs-techs.bitrix24.com/bitrix/js/imopenlines/widget/ 629 KB
198 KB 119ms
102ms Stylesheet
text/css 54.83.26.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://acs-techs.bitrix24.com/bitrix/js/imopenlines/widget/styles.min.css?r=1709215991-10

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.83.26.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-26-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

131ba22d039dde71616e84641d01315b258dbfa153d6b6993aac83e5de2a4015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 09:08:53 GMT
server: nginx
content-encoding: gzip
etag: W/"657974a5-9d208"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-bitrix-lb: lb-us-01
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=102125, tc2;dur=4000, tc3;dur=32
x-bitrix-ri: 12fd6b1003bf74d134c27680ecb10a95
expires: Wed, 03 Apr 2024 06:14:08 GMT

GET
H2 200 script.min.js Show response
acs-techs.bitrix24.com/bitrix/js/imopenlines/widget/ 1 MB
343 KB 219ms
202ms Script
application/x-javascript 54.83.26.42
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://acs-techs.bitrix24.com/bitrix/js/imopenlines/widget/script.min.js?r=1709215991-10

Requested by

Host: ticket.fleetexpress.me
URL: https://ticket.fleetexpress.me/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.83.26.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-26-42.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dced7982a030f8cc639efa259d1d5693b94df7ed62d8b4ac33775cf8b527f550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ticket.fleetexpress.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 06:15:58 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 09:08:53 GMT
server: nginx
content-encoding: gzip
etag: W/"657974a5-11e725"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: max-age=2592000
x-bitrix-lb: lb-us-01
server-timing: t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=102125, tc2;dur=4000, tc3;dur=32
x-bitrix-ri: 061f99b68501609ad1e89d36337ea4c6
expires: Wed, 03 Apr 2024 06:14:08 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ticket.fleetexpress.me/	1970-01-20 18:53:12	Name: connect.sid Value: s%3A-nD-L4BSc2hF4Iw4u-qLJ4FBH1fhp09q.Fvo7lTGCrtTpf82uJc%2FcpUtqxONW8xHSWEOTnDXyC0Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acs-techs.bitrix24.com
api.bitrix24.com
cdn.bitrix24.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ticket.fleetexpress.me
use.fontawesome.com
176.124.212.177
18.232.195.40
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700:e6::ac40:cf26
54.83.26.42
131ba22d039dde71616e84641d01315b258dbfa153d6b6993aac83e5de2a4015
3434b67595c68071824e142d077ce7e105d40ac40b15164896d11e54078d0213
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e
551ea1aa66ca05f93c9ef33f8d8d741cd536ec1e3870a9b8c0b79ed66df248c9
78f124ae1e7c4245856462144524da83f2f020a6bc1a64abe250e7fe4185f992
7cae5afe53754dedfbd47207a5cc89b0f95a155b936fccc446b33cb6d5caf7b6
87c242de506efe4c3f71de5ce044e2c71ee285c885afe6675ed36a5c8284b3e9
9394acdd697473d51c47b64766657395297a3f9267ba706d63efd2fe05a4869f
b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932
dced7982a030f8cc639efa259d1d5693b94df7ed62d8b4ac33775cf8b527f550
de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74
f7eee7a6fbd7d7d14dad961ce0eafa295de2b776681b9eb8f4141702bfc9eacf

ticket.fleetexpress.me Open in urlscan Pro 176.124.212.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

50 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

758 kBTransfer

5083 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

Indicators

ticket.fleetexpress.me Open in urlscan Pro
176.124.212.177 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

758 kB
Transfer

5083 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions