widget.biletcb.kz Open in urlscan Pro
194.67.82.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://widget.biletcb.kz/
Submission: On October 28 via automatic, source certstream-suspicious (October 28th 2024, 9:36:23 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 194.67.82.185, located in Kazakhstan and belongs to IT-GRAD, KZ. The main domain is widget.biletcb.kz.
TLS certificate: Issued by R11 on October 27th 2024. Valid for: 3 months.

This is the only time widget.biletcb.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	194.67.82.185 194.67.82.185	212189 (IT-GRAD) (IT-GRAD)
1	2606:4700:10:... 2606:4700:10::6816:359c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
13	5

7 194.67.82.185 (Kazakhstan)

ASN212189 (IT-GRAD, KZ)

widget.biletcb.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.kazticket.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.kazticket.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:359c (United States)

ASN13335 (CLOUDFLARENET, US)

widget.cloudpayments.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	biletcb.kz widget.biletcb.kz	932 KB
3	kazticket.kz auth.kazticket.kz api.kazticket.kz	571 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	72 KB
1	cloudpayments.kz widget.cloudpayments.kz	49 KB
13	5

	Domain	Requested by
4	widget.biletcb.kz	widget.biletcb.kz
2	www.facebook.com
2	api.kazticket.kz	widget.biletcb.kz
2	connect.facebook.net	widget.biletcb.kz connect.facebook.net
1	auth.kazticket.kz	widget.biletcb.kz
1	widget.cloudpayments.kz	widget.biletcb.kz
13	6

This site contains no links.

Subject Issuer	Validity	Valid
biletcb.kz R11	`2024-10-27` - `2025-01-25`	3 months	crt.sh
widget.cloudpayments.kz WE1	`2024-09-17` - `2024-12-16`	3 months	crt.sh
*.kazticket.kz Sectigo RSA Domain Validation Secure Server CA	`2024-05-14` - `2025-06-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-07` - `2024-11-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://widget.biletcb.kz/
Frame ID: A833111DB18EE1FE4A1EF77D2AE8A705
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Box-center.kz Widget

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

13
Requests

92 %
HTTPS

75 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

1056 kB
Transfer

1358 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
widget.biletcb.kz/ 506 B
611 B 383ms
81ms Document
text/html 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.biletcb.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 801d00799dc136033a0bcb9ef3e36d4119b732c2b2de55b87f68934271eec461

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 28 Oct 2024 21:36:17 GMT
ETag: W/"671eb714-1fa"
Last-Modified: Sun, 27 Oct 2024 21:56:36 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 cloudpayments.js Show response
widget.cloudpayments.kz/bundles/ 130 KB
49 KB 251ms
214ms Script
application/javascript 2606:4700:10::6816:359c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.cloudpayments.kz/bundles/cloudpayments.js
Requested by: Host: widget.biletcb.kz
URL: https://widget.biletcb.kz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:359c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7c1bb953f9ec0a95dda4df00e4a8d9a88feb5788ea669ee6e1b2cac5ec4a30

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"670e3295-a548"
report-to: {"group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "https://widget.cloudpayments.kz/monitoring-api/csp" }] }
content-security-policy-report-only: default-src https://widget.cloudpayments.kz; connect-src https://widget.cloudpayments.kz https://api.cloudpayments.kz https://api2.amplitude.com/ https://static.cloudpayments.ru https://static-stage.cloudpayments.ru https://pay.google.com https://google.com https://www.google.com https://pay.yandex.ru https://api-statist.dev-tcsgroup.io https://api-statist.tinkoff.ru https://forma.tinkoff.ru; font-src https://widget.cloudpayments.kz data:; frame-src *; frame-ancestors 'self' https:; img-src https://widget.cloudpayments.kz https://static.cloudpayments.ru https://static-stage.cloudpayments.ru https://pay.yandex.ru https://cp.ru https://qr.nspk.ru https://www.gstatic.com data:; media-src https://widget.cloudpayments.kz https://static.cloudpayments.ru https://static-stage.cloudpayments.ru; object-src https://widget.cloudpayments.kz; script-src https://widget.cloudpayments.kz https://forma.tinkoff.ru https://pay.google.com https://pay.yandex.ru 'sha256-X7hlFWwNeiesyjdfNFJj7/3OwFYiJ7PdoDlKAkyjTWA=';style-src 'unsafe-inline' https:; report-to csp-endpoint; report-uri https://widget.cloudpayments.kz/monitoring-api/csp
cf-ray: 8d9e0f7df8175d8d-FRA
date: Mon, 28 Oct 2024 21:36:17 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 09:15:01 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK main-b77c1655.js Show response
widget.biletcb.kz/ 882 KB
882 KB 174ms
174ms Script
application/javascript 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.biletcb.kz/main-b77c1655.js
Requested by: Host: widget.biletcb.kz
URL: https://widget.biletcb.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 66ecf19b7731c73b125cc7ca3f9c1c611fcaa07f0f24867ab0e5091b3eaa704f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://widget.biletcb.kz
Referer: https://widget.biletcb.kz/

Response headers

ETag: "671eb714-dc787"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 903047
Date: Mon, 28 Oct 2024 21:36:17 GMT
Content-Type: application/javascript
Last-Modified: Sun, 27 Oct 2024 21:56:36 GMT
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK index-a04983cb.css
widget.biletcb.kz/ 49 KB
49 KB 331ms
159ms Stylesheet
text/css 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.biletcb.kz/index-a04983cb.css
Requested by: Host: widget.biletcb.kz
URL: https://widget.biletcb.kz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a04983cbabc53bc813b5e7c3020dd785bd69294c0f4486cb80755a64f9a257e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

ETag: "671eb714-c481"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50305
Date: Mon, 28 Oct 2024 21:36:17 GMT
Content-Type: text/css
Last-Modified: Sun, 27 Oct 2024 21:56:36 GMT
Server: nginx/1.18.0 (Ubuntu)

OPTIONS
H/1.1 405
Method Not Allowed userinfo
auth.kazticket.kz/connect/ 0
0 355ms
83ms Preflight 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.kazticket.kz/connect/userinfo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://widget.biletcb.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 28 Oct 2024 21:36:18 GMT
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

GET userinfo
auth.kazticket.kz/connect/ 0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 229 KB
58 KB 21ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: widget.biletcb.kz
URL: https://widget.biletcb.kz/main-b77c1655.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

836c3398d4eaf117b43be2d45de19a00dbecd1eba77e2a3da4f22494ee6f5bb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-jTs09MOp' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 21:36:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jTs09MOp' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4452, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: FkvPXw83WEyBHJL+yLOLZ/eNrqCbe/SRfEWLef8c3UjPQ+V8CGSXHns4KTej3ZY/Zif5R3XHHR0OVDMktXYQ/w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59725
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 404
Not Found vite.svg
widget.biletcb.kz/ 555 B
383 B 82ms
81ms Other
text/html 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.biletcb.kz/vite.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 49f3821181417ffe62aa84e16aafae1e835e4ef5cabbc9499a0a94b3b72f453a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Mon, 28 Oct 2024 21:36:18 GMT
Content-Type: text/html
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive

GET
H3 200 921505042661482 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 326ms
324ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/921505042661482?v=2.9.174&r=stable&domain=widget.biletcb.kz&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e65f72b2f10c4002e5469aee1654520ef6dfb49c23d7ec7b21909f9e39de8d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-gqBCxSz2' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 21:36:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gqBCxSz2' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=69, mss=1232, tbw=68510, tp=65, tpl=0, uplat=316, ullat=0
pragma: public
x-fb-debug: sDDa3fzm3BFpDYmRG/t6KVy83jNl5SBjmlFENMA4qqnOUgIWI7RTL/hwxW/5MFfufi+5G6ImGjmWc6NB6OkfFQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 400
Bad Request null Show response
api.kazticket.kz/events/commercial/EventNotifications/ 247 B
571 B 80ms
78ms XHR
application/problem+json 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://api.kazticket.kz/events/commercial/EventNotifications/null
Requested by: Host: widget.biletcb.kz
URL: https://widget.biletcb.kz/main-b77c1655.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1212e61ca4c61f08aa5d885d785fd59043e10e5ebdb49efc29d9418870167c43

Request headers

Authorization: Bearer
Referer: https://widget.biletcb.kz/
accept-language: ru-RU
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://widget.biletcb.kz
Date: Mon, 28 Oct 2024 21:36:19 GMT
Content-Type: application/problem+json; charset=utf-8
Vary: Origin
Server: nginx/1.18.0 (Ubuntu)

OPTIONS
H/1.1 204
No Content null
api.kazticket.kz/events/commercial/EventNotifications/ 0
0 379ms
77ms Preflight 194.67.82.185
IT-GRAD

General

Check archive.org

Show headers Download Go to

Full URL: https://api.kazticket.kz/events/commercial/EventNotifications/null
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.67.82.185 , Kazakhstan, ASN212189 (IT-GRAD, KZ),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://widget.biletcb.kz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://widget.biletcb.kz
Connection: keep-alive
Date: Mon, 28 Oct 2024 21:36:18 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 25ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=921505042661482&ev=PageView&dl=https%3A%2F%2Fwidget.biletcb.kz%2F&rl=&if=false&ts=1730151378672&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730151378668.546812850703792496&ler=empty&cdl=API_unavailable&it=1730151378312&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2909, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 28 Oct 2024 21:36:18 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 156ms
141ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=921505042661482&ev=PageView&dl=https%3A%2F%2Fwidget.biletcb.kz%2F&rl=&if=false&ts=1730151378672&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=12318&fbp=fb.1.1730151378668.546812850703792496&ler=empty&cdl=API_unavailable&it=1730151378312&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://widget.biletcb.kz/

Response headers

content-encoding: br
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430943586639090119"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 21:36:18 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: gfSgAbV2EnLVqn6Y/B2PG5FTXAFawdYjAqkY3F/Ta0/4kjlByPWJs6h1frLi4AmtTDWSy3MsB9BEoUlS+t/iQg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430943586639090119", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3226, tp=-1, tpl=-1, uplat=131, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: auth.kazticket.kz
URL: https://auth.kazticket.kz/connect/userinfo

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cp function| fbq function| _fbq

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.biletcb.kz/	1970-01-21 02:45:27	Name: _fbp Value: fb.1.1730151378668.546812850703792496

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://widget.biletcb.kz/vite.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://widget.biletcb.kz/ Message: Access to fetch at 'https://auth.kazticket.kz/connect/userinfo' from origin 'https://widget.biletcb.kz' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://auth.kazticket.kz/connect/userinfo Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://api.kazticket.kz/events/commercial/EventNotifications/null Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.kazticket.kz
auth.kazticket.kz
connect.facebook.net
widget.biletcb.kz
widget.cloudpayments.kz
www.facebook.com
auth.kazticket.kz
194.67.82.185
2606:4700:10::6816:359c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
1212e61ca4c61f08aa5d885d785fd59043e10e5ebdb49efc29d9418870167c43
1e65f72b2f10c4002e5469aee1654520ef6dfb49c23d7ec7b21909f9e39de8d9
49f3821181417ffe62aa84e16aafae1e835e4ef5cabbc9499a0a94b3b72f453a
5c7c1bb953f9ec0a95dda4df00e4a8d9a88feb5788ea669ee6e1b2cac5ec4a30
66ecf19b7731c73b125cc7ca3f9c1c611fcaa07f0f24867ab0e5091b3eaa704f
801d00799dc136033a0bcb9ef3e36d4119b732c2b2de55b87f68934271eec461
836c3398d4eaf117b43be2d45de19a00dbecd1eba77e2a3da4f22494ee6f5bb1
a04983cbabc53bc813b5e7c3020dd785bd69294c0f4486cb80755a64f9a257e2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

widget.biletcb.kz Open in urlscan Pro 194.67.82.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

75 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

1056 kBTransfer

1358 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

widget.biletcb.kz Open in urlscan Pro
194.67.82.185 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

75 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

1056 kB
Transfer

1358 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions