tickets.thecitymove.com Open in urlscan Pro
195.201.170.110  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response tickets.thecitymove.com/	102 KB 23 KB	450ms 67ms	Document text/html	195.201.170.110 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.170.110 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.110.170.201.195.clients.your-server.de Software nginx / Resource Hash 522303cd3286fc6112a62f9f796a005f42fb00bdc7d6ec0ed34c0f9957788018 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ORIGIN Request headers :method GET :authority tickets.thecitymove.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx date Thu, 08 Oct 2020 09:17:15 GMT content-type text/html; charset=UTF-8 set-cookie Zend_Auth=7hh3af221kci8svfffugor44q2; path=/ lang=ru; path=/ lang=ru; expires=Sat, 07-Nov-2020 09:17:15 GMT; Max-Age=2592000; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-frame-options ORIGIN x-content-type-options nosniff content-encoding gzip
GET H2	200	css fonts.googleapis.com/	8 KB 823 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap&subset=cyrillic Requested by Host: tickets.thecitymove.com URL: https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6c86363aecf6ca763263c39c32d77a71c95f5c015a0a84f0a594389263f390e1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 08 Oct 2020 09:17:15 GMT server ESF date Thu, 08 Oct 2020 09:17:15 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 08 Oct 2020 09:17:15 GMT
GET H2	200	site_logo_file_small.png tickets.thecitymove.com/images/timg/	2 KB 3 KB	26ms 26ms	Image image/png	195.201.170.110 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tickets.thecitymove.com/images/timg/site_logo_file_small.png Requested by Host: tickets.thecitymove.com URL: https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.170.110 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.110.170.201.195.clients.your-server.de Software nginx / Resource Hash cc6b5997a47077485ad9d0908859c43474a895712042182b2fca3fbabb0d6169 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ORIGIN Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 08 Oct 2020 09:17:15 GMT x-content-type-options nosniff last-modified Mon, 13 Jul 2020 09:50:06 GMT server nginx etag "5f0c2e4e-937" x-frame-options ORIGIN content-type image/png status 200 cache-control max-age=31536000 accept-ranges bytes content-length 2359 expires Fri, 08 Oct 2021 09:17:15 GMT
GET H2	200	ru.svg tickets.thecitymove.com/themes/materialize/app-assets/vendors/flag-icon/flags/4x3/	286 B 454 B	26ms 25ms	Image image/svg+xml	195.201.170.110 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tickets.thecitymove.com/themes/materialize/app-assets/vendors/flag-icon/flags/4x3/ru.svg Requested by Host: tickets.thecitymove.com URL: https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.170.110 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.110.170.201.195.clients.your-server.de Software nginx / Resource Hash 5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ORIGIN Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 08 Oct 2020 09:17:15 GMT x-content-type-options nosniff last-modified Sun, 26 Jul 2020 12:11:49 GMT server nginx etag "5f1d7305-11e" x-frame-options ORIGIN content-type image/svg+xml status 200 accept-ranges bytes content-length 286
GET H2	200	site_footer_payment_logo.jpg tickets.thecitymove.com/images/timg/	4 KB 4 KB	27ms 26ms	Image image/jpeg	195.201.170.110 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tickets.thecitymove.com/images/timg/site_footer_payment_logo.jpg Requested by Host: tickets.thecitymove.com URL: https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.170.110 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.110.170.201.195.clients.your-server.de Software nginx / Resource Hash cc64a9d787efa64628755880ef31950c412094c29295e3784e367f1c92853b2b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ORIGIN Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 08 Oct 2020 09:17:15 GMT x-content-type-options nosniff last-modified Fri, 10 Jul 2020 11:35:00 GMT server nginx etag "5f085264-ffe" x-frame-options ORIGIN content-type image/jpeg status 200 cache-control max-age=31536000 accept-ranges bytes content-length 4094 expires Fri, 08 Oct 2021 09:17:15 GMT
GET H2	200	scripts.js Show response tickets.thecitymove.com/site/js/	190 KB 59 KB	30ms 30ms	Script application/javascript	195.201.170.110 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tickets.thecitymove.com/site/js/scripts.js Requested by Host: tickets.thecitymove.com URL: https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 195.201.170.110 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.110.170.201.195.clients.your-server.de Software nginx / Resource Hash 8ae02edd73f10baa7001adf50fa815eeee986d750db943f834a939fbc50a167e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ORIGIN Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 08 Oct 2020 09:17:15 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 03 Aug 2020 14:08:35 GMT server nginx etag W/"5f281a63-2f74c" x-frame-options ORIGIN content-type application/javascript status 200 cache-control max-age=31536000 expires Fri, 08 Oct 2021 09:17:15 GMT
GET H2	200	nr-1184.min.js Show response js-agent.newrelic.com/	27 KB 11 KB	65ms 21ms	Script application/javascript	151.101.114.110 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1184.min.js Requested by Host: tickets.thecitymove.com URL: https://tickets.thecitymove.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77 Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 08 Oct 2020 09:17:15 GMT content-encoding gzip x-amz-request-id A21809B1C987C063 x-cache HIT status 200 content-length 10624 x-amz-id-2 5/0iWHe8AbcxZN6Jo3BmJ2Q+tztfRSNwr+lcNTrsM79nJm6KurTN6rNwf14f8ELquc1TIDOjlf4= x-served-by cache-hhn4049-HHN last-modified Mon, 28 Sep 2020 16:34:45 GMT server AmazonS3 x-timer S1602148636.786290,VS0,VE0 etag "3d7f312be60d08a2568e311e4762f3af" vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 27615
GET H/1.1	200 OK	fd2cd6201c Show response bam.nr-data.net/1/	57 B 275 B	481ms 120ms	Script text/javascript	162.247.242.21 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/fd2cd6201c?a=165169588&v=1184.ab39b52&to=Y1NSMRNVWERZUkVaW1oZcQYVXVlZF1VUVVVBWkRKFlFUGFFfVVZM&rst=617&ck=1&ref=https://tickets.thecitymove.com/&ap=28&be=461&fe=546&dc=545&perf=%7B%22timing%22:%7B%22of%22:1602148635182,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:18,%22c%22:18,%22s%22:31,%22ce%22:383,%22rq%22:383,%22rp%22:451,%22rpe%22:454,%22dl%22:454,%22di%22:546,%22ds%22:546,%22de%22:546,%22dc%22:546,%22l%22:546,%22le%22:547%7D,%22navigation%22:%7B%7D%7D&fp=538&fcp=538&at=TxRRR1tPS0o%3D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1184.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS bam-9.nr-data.net Software / Resource Hash d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1 Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Length 57 Content-Type text/javascript;charset=ISO-8859-1
POST H/1.1	200 OK	fd2cd6201c Show response bam.nr-data.net/events/1/	24 B 190 B	121ms 120ms	XHR image/gif	162.247.242.21 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/events/1/fd2cd6201c?a=165169588&v=1184.ab39b52&to=Y1NSMRNVWERZUkVaW1oZcQYVXVlZF1VUVVVBWkRKFlFUGFFfVVZM&rst=10618&ck=1&ref=https://tickets.thecitymove.com/ Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1184.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.21 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS bam-9.nr-data.net Software / Resource Hash 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300 Request headers Referer https://tickets.thecitymove.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type text/plain Response headers Access-Control-Allow-Origin https://tickets.thecitymove.com Access-Control-Allow-Credentials true Content-Length 24 Content-Type image/gif

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| NREUM object| newrelic function| __nr_require function| _typeof function| _createClass function| _classCallCheck object| AutocompleteDefaults function| Autocomplete function| showMonth function| showSearchResult function| $ function| jQuery

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tickets.thecitymove.com/	1970-01-19 13:45:40	Name: lang Value: ru
			tickets.thecitymove.com/	1969-12-31 23:59:59	Name: Zend_Auth Value: 7hh3af221kci8svfffugor44q2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
js-agent.newrelic.com
tickets.thecitymove.com
151.101.114.110
162.247.242.21
195.201.170.110
2a00:1450:4001:800::200a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
522303cd3286fc6112a62f9f796a005f42fb00bdc7d6ec0ed34c0f9957788018
5b51b57f63cf58e451abddeaee39a8c7b133cb3d58c6ef1a903883bda7c346b0
6c86363aecf6ca763263c39c32d77a71c95f5c015a0a84f0a594389263f390e1
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
8ae02edd73f10baa7001adf50fa815eeee986d750db943f834a939fbc50a167e
cc64a9d787efa64628755880ef31950c412094c29295e3784e367f1c92853b2b
cc6b5997a47077485ad9d0908859c43474a895712042182b2fca3fbabb0d6169
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1