savvy.qrticket.com.ua Open in urlscan Pro
138.201.118.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://savvy.qrticket.com.ua/
Submission: On August 18 via automatic, source certstream-suspicious (August 18th 2021, 4:47:37 am UTC)

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 40 HTTP transactions. The main IP is 138.201.118.48, located in Germany and belongs to HETZNER-AS, DE. The main domain is savvy.qrticket.com.ua.
TLS certificate: Issued by R3 on July 27th 2021. Valid for: 3 months.

This is the only time savvy.qrticket.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	138.201.118.48 138.201.118.48	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	176.34.224.15 176.34.224.15	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:303... 2606:4700:3037::ac43:a12f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
40	11

18 138.201.118.48 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.118.201.138.clients.your-server.de

savvy.qrticket.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.224.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-224-15.eu-west-1.compute.amazonaws.com

bitrix.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:a12f (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	qrticket.com.ua savvy.qrticket.com.ua	403 KB
8	fontawesome.com kit.fontawesome.com use.fontawesome.com ka-f.fontawesome.com	200 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	281 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	160 KB
2	bitrix.info bitrix.info	4 KB
2	jsdelivr.net cdn.jsdelivr.net	16 KB
1	google.com www.google.com	721 B
40	7

	Domain	Requested by
18	savvy.qrticket.com.ua	savvy.qrticket.com.ua
6	ka-f.fontawesome.com	kit.fontawesome.com savvy.qrticket.com.ua
4	fonts.gstatic.com	fonts.googleapis.com
3	ajax.googleapis.com	savvy.qrticket.com.ua
2	bitrix.info	savvy.qrticket.com.ua bitrix.info
2	cdn.jsdelivr.net	savvy.qrticket.com.ua
1	www.gstatic.com	www.google.com
1	use.fontawesome.com	savvy.qrticket.com.ua
1	kit.fontawesome.com	savvy.qrticket.com.ua
1	fonts.googleapis.com	savvy.qrticket.com.ua
1	www.google.com	savvy.qrticket.com.ua
40	11

This site contains links to these domains. Also see Links.

Domain
savvy.co.ua
qrticket.com.ua

Subject Issuer	Validity	Valid
savvy.qrticket.com.ua R3	`2021-07-27` - `2021-10-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.bitrix.info Go Daddy Secure Certificate Authority - G2	`2020-02-14` - `2022-04-14`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://savvy.qrticket.com.ua/
Frame ID: EA7346F5A72D8AF2C8925261A0369503
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

1C-Bitrix (CMS) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link[^>]+components\/bitrix|(?:src|href)="\/bitrix\/(?:js|templates))/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link[^>]+components\/bitrix|(?:src|href)="\/bitrix\/(?:js|templates))/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

40
Requests

100 %
HTTPS

82 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

1064 kB
Transfer

1839 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://savvy.co.ua/
Title: savvy.co.ua

Search URL Search Domain Scan URL

URL: https://qrticket.com.ua/
Title: © QRTicket - Автоматизация билетного хозяйства

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
savvy.qrticket.com.ua/ 11 KB
5 KB 167ms
115ms Document
text/html 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 / PHP/7.2.34

Resource Hash

9c62a988ce546a62cd0f6fbe68cc0a7300407194eb1ddd9d3a272ad16d32c1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: savvy.qrticket.com.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.14.2
date: Wed, 18 Aug 2021 04:47:19 GMT
content-type: text/html; charset=UTF-8
vary: HTTPS
x-powered-by: PHP/7.2.34
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (d0052ed61ad60db8853790af9d05b276)
set-cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-encoding: gzip
strict-transport-security: max-age=15768000

GET
H2 200 core.min.css
savvy.qrticket.com.ua/bitrix/js/main/core/css/ 3 KB
1 KB 27ms
27ms Stylesheet
text/css 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/js/main/core/css/core.min.css?15599881202854

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

baa83d723fdcca5fe346bcd2b5e774975daabc44ab9c0a2643b965e2eea6441b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/js/main/core/css/core.min.css?15599881202854
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 08 Jun 2019 10:02:00 GMT
server: nginx/1.14.2
etag: W/"5cfb8798-b26"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 core.min.js Show response
savvy.qrticket.com.ua/bitrix/js/main/core/ 227 KB
80 KB 35ms
34ms Script
application/javascript 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/js/main/core/core.min.js?1571680974232035

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

082854ebf8be85c418e4b1619c6f35d46e5912364f56b7ed997affc9bf6d64da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/js/main/core/core.min.js?1571680974232035
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 18:02:54 GMT
server: nginx/1.14.2
etag: W/"5dadf2ce-38a63"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 script.js Show response
savvy.qrticket.com.ua/bitrix/js/twim.recaptchafree/ 4 KB
2 KB 28ms
27ms Script
application/javascript 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/js/twim.recaptchafree/script.js?15599881254421

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

40a8f997f0fc8d8ae32685cc368abe8a94f5e0d0312b6265afb26587332364e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/js/twim.recaptchafree/script.js?15599881254421
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 08 Jun 2019 10:02:05 GMT
server: nginx/1.14.2
etag: W/"5cfb879d-1145"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 914 B
721 B 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadRecaptchafree&render=explicit&hl=ua

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe1088752c3381c3fd46c96435f9bf0019ae2cf2c1026007aa49a52a0fb9bda9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Wed, 18 Aug 2021 04:47:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
628 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3053185fbbec232aa3a5500b1f4617bf459573930dbcdb0246ec472dd73de5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 04:47:19 GMT
server: ESF
date: Wed, 18 Aug 2021 04:47:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Aug 2021 04:47:19 GMT

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
8 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 01:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 01:48:35 GMT

GET
H2 200 public.css
savvy.qrticket.com.ua/bitrix/templates/qrticket/css/ 56 KB
11 KB 33ms
32ms Stylesheet
text/css 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

801cc513e4b57aab6c91b58a8bb5dd463e439888bb0ae438239f8fde1b803c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/css/public.css?1629262039
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 16:58:16 GMT
server: nginx/1.14.2
etag: W/"60d4b9a8-e08a"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 harita.css
savvy.qrticket.com.ua/bitrix/templates/qrticket/css/ 1 KB
861 B 33ms
32ms Stylesheet
text/css 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/harita.css?1629262039

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

40ccb0c56aae84ba6613ea22d5d84fe6d3565492a6bf2e51318e00590fdab472

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/css/harita.css?1629262039
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 16:04:19 GMT
server: nginx/1.14.2
etag: W/"60898783-539"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 8bb2c32529.js Show response
kit.fontawesome.com/ 11 KB
4 KB 54ms
36ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/8bb2c32529.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

760f09d5bd897c7320a4dfd011f0097ee725f53d13d25a03d88da5d1b4a1360f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 680880e49bda2b65-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fohdrv95VD5LAaKeEdVC

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
85 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:11:03 GMT
x-content-type-options: nosniff
age: 2176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86709
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Aug 2022 04:11:03 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
66 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 20:11:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 20:11:11 GMT

GET
H2 200 svg-pan-zoom.min.js Show response
cdn.jsdelivr.net/npm/svg-pan-zoom@3.6.0/dist/ 29 KB
8 KB 23ms
7ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/svg-pan-zoom@3.6.0/dist/svg-pan-zoom.min.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

78aea209182119230c6173b65f1a834c040ef5c0a99bbe36af1178d95eef0f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 686262
x-jsd-version: 3.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 8273
etag: W/"74c0-4Lq9xomXy2Fo7PRVVn0Z5avHbSA"
x-served-by: cache-fra19120-FRA
x-jsd-version-type: version
date: Wed, 18 Aug 2021 04:47:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hammer.min.js Show response
cdn.jsdelivr.net/npm/hammerjs@2.0.8/ 20 KB
8 KB 22ms
6ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hammerjs@2.0.8/hammer.min.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 535412
x-jsd-version: 2.0.8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7346
etag: W/"511d-2r+t5mVqEBjQZbXzZz9BVKr3qLo"
x-served-by: cache-fra19120-FRA
x-jsd-version-type: version
date: Wed, 18 Aug 2021 04:47:19 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 datepicker-ru.js Show response
savvy.qrticket.com.ua/bitrix/templates/qrticket/js/ 1 KB
1 KB 33ms
32ms Script
application/javascript 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/js/datepicker-ru.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

380037d70f1d96d815421f9c7d008838b26e4c97cfa290b079a57639e401aa1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/js/datepicker-ru.js
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Aug 2019 12:20:11 GMT
server: nginx/1.14.2
etag: W/"5d481efb-589"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 module.sepet.js Show response
savvy.qrticket.com.ua/bitrix/templates/qrticket/js/ 17 KB
6 KB 34ms
33ms Script
application/javascript 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/js/module.sepet.js?1629262039

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

c62829fc68da0d0d892ef022ce65c5198177c38ec356c5f67b9aee0f397f4b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/js/module.sepet.js?1629262039
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 15:38:54 GMT
server: nginx/1.14.2
etag: W/"60d4a70e-44b4"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 module.harita.js Show response
savvy.qrticket.com.ua/bitrix/templates/qrticket/js/ 9 KB
3 KB 33ms
33ms Script
application/javascript 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/js/module.harita.js?1629262039

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

a2f5e7bfc8346b1d752b15b91879754fbb36d3a6ff621ee93ab1e537046e80b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/js/module.harita.js?1629262039
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jul 2021 10:35:47 GMT
server: nginx/1.14.2
etag: W/"60fe9003-23ed"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 public.js Show response
savvy.qrticket.com.ua/bitrix/templates/qrticket/js/ 2 KB
1009 B 35ms
34ms Script
application/javascript 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/js/public.js

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

ba2fa6575d290e76c9c3a51039dfc7ae4d0f5ba8c8195a8dc09095b18b646a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/js/public.js
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 10:48:21 GMT
server: nginx/1.14.2
etag: W/"5df0c975-70c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 345ms
328ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by: Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:20 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 84CVV8GB6E11D23F
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: ovAC+Wx6tAXfYr8uUalXZKKxHQUHcJULKA/hAXiwU9sLLCpZDPZZWM0f43ik4PSHc2uvvL85Czk=
last-modified: Wed, 30 Jun 2021 15:27:31 GMT
server: cloudflare
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aRyK4u9%2FVQk9R5bu%2BRuWPj07CpiM07M%2F79aFYemxQhvl%2BQMKLA%2F%2Br4XO28mVunDzfQow%2Fjb2%2BKIRJ6EYZYLrjX0ApWevxBjs%2FCDrxlwN5UnfafrPXw6qQX6mu77qqSwsd%2BFQOrDRgJ8%2FZoQJ4EX%2BOpP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 680880e49ded1f1d-FRA

GET
H2 200 logo.png
savvy.qrticket.com.ua/bitrix/templates/qrticket/images/ 8 KB
8 KB 21ms
21ms Image
image/png 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/images/logo.png

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

2415a7077ad33a2f00fb24dad358a39477e0d3440db49158865931bba7c4afd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/images/logo.png
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 Jun 2019 10:27:05 GMT
server: nginx/1.14.2
etag: "5cfb8d79-2046"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 8262
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 mobile-meny.png
savvy.qrticket.com.ua/bitrix/templates/qrticket/images/ 143 B
419 B 24ms
23ms Image
image/png 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/images/mobile-meny.png

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

ccc5ed4bcfe99b08fb38fabeb269900eb0fde65a84a9347e8fbe6d5666460044

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/images/mobile-meny.png
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 Jun 2019 10:01:47 GMT
server: nginx/1.14.2
etag: "5cfb878b-8f"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 143
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 logo-footer4.jpg
savvy.qrticket.com.ua/bitrix/templates/qrticket/images/ 8 KB
8 KB 24ms
23ms Image
image/jpeg 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/images/logo-footer4.jpg

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

0d450d3485bfccdb586e70ba26d890ba900cf3efcdea34bccdad5a17c489e92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/images/logo-footer4.jpg
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 09:31:47 GMT
server: nginx/1.14.2
etag: "5d679b83-1e06"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 7686
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 logo-footer5.jpg
savvy.qrticket.com.ua/bitrix/templates/qrticket/images/ 8 KB
8 KB 25ms
24ms Image
image/jpeg 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/images/logo-footer5.jpg

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

cc3d73d2397646ddaf15e6f2541dd6c7da5f259059881eb6d4ca64ec0e87fb63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/images/logo-footer5.jpg
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Aug 2019 09:32:29 GMT
server: nginx/1.14.2
etag: "5d679bad-1f0a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 7946
expires: Fri, 17 Sep 2021 04:47:19 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/ 341 KB
133 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JF4U2g-hvLrBJ_UxdbKj92gN/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchafree&render=explicit&hl=ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 12:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136003
x-xss-protection: 0
last-modified: Fri, 13 Aug 2021 09:02:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 12:41:38 GMT

GET
H/1.1 200
OK ba.js Show response
bitrix.info/ 7 KB
3 KB 122ms
30ms Script
application/javascript 176.34.224.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bitrix.info/ba.js
Requested by: Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.224.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-224-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.1 /
Resource Hash: 897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 04:47:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 09:38:38 GMT
Server: nginx/1.10.1
ETag: W/"60a4dc9e-1a03"
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 3008
Expires: Fri, 20 Aug 2021 04:47:19 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 59 KB
13 KB 33ms
17ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=8bb2c32529
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8bb2c32529.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wg8D0A1VWq1fHQiOqXaokkK%2FrryoGXeklk6qOmqqv0pIdeUVGCfkaP98SZ%2FYjlUyDIm8tXNLEX%2F4Wbh3uZMp8cDuFzwyFKd4eZ8w5TfcJCHsyS%2F9sf15BFnrLJbSQyUPhXm9dRpv%2FEFJiperDeL6QC%2F8mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 680880e51e9a4edf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 0KGV3cbCKaQR4lz0GjKKuNP0gOYEzbY14JvDBYoXDSsaHFU0JCCGgw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 26 KB
5 KB 38ms
23ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=8bb2c32529
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8bb2c32529.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FA14AElI4FxHL8xmWr6oNvLM1Cia3zBtzpI%2F3p8xigXm9BS2mHRjUBo1mySVWSiJiaRnf1t98iXeK36ZegRk6C1i%2F8RI8g08O0rtysJz%2B4zSutJihTlK93VnbWPZoisfA6A1ttO39mXPsjngeiUVbVPcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 680880e51e9b4edf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: A30xQO_6J-3rArxtcc1Ebend5vWFmTgTvVOzxLbuYd720Ocb87czsg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ 3 KB
2 KB 31ms
15ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=8bb2c32529
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/8bb2c32529.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:19 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtslOPelIh2QK%2BVIPpIweQkaiDb%2BlfRqXHft7OZxp4kbpIiCBISxAr%2FKAZUCSdGmaWjebSKTZULnW3hOXqO9%2B6QD9Bj6%2F7P5Y51%2F7sz1F73Ncql7RJIFFue3hVoQal3H8cP8mPI%2FO7OJnPG05AWMJ82bnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 680880e51e9d4edf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: yN5OF9q2mci3W02HPXj6e_ZaYaXK1ymctGkZb-C9y2mCMNCzDxA9zQ==

POST
H2 200 ajax_counter.php Show response
savvy.qrticket.com.ua/bitrix/tools/conversion/ 4 B
571 B 67ms
67ms XHR
text/html 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/bitrix/tools/conversion/ajax_counter.php

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 / PHP/7.2.34

Resource Hash

db8b8e836881534b3e62cf633db64f28af421e09feaae85bd3f3249912053c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://savvy.qrticket.com.ua
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
content-length: 64
:path: /bitrix/tools/conversion/ajax_counter.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 04:47:20 GMT
x-content-type-options: nosniff
server: nginx/1.14.2
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34
x-powered-cms: Bitrix Site Manager (d0052ed61ad60db8853790af9d05b276)
strict-transport-security: max-age=15768000
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: no-store, no-cache, must-revalidate
set-cookie: BITRIX_CONVERSION_CONTEXT_s1=%7B%22ID%22%3A2%2C%22EXPIRE%22%3A1629320340%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D; expires=Thu, 18-Aug-2022 04:47:20 GMT; Max-Age=31536000; path=/
content-type: text/html; charset=UTF-8
vary: HTTPS
content-length: 4
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK bx_stat Show response
bitrix.info/ 42 B
544 B 38ms
37ms XHR
application/javascript 176.34.224.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bitrix.info/bx_stat
Requested by: Host: bitrix.info
URL: https://bitrix.info/ba.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.224.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-224-15.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.1 /
Resource Hash: d0f573cf68968656b3f9d3b51bda9bcd36a89ec56129a6ac57ae9b1510633409

Request headers

Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 18 Aug 2021 04:47:20 GMT
Server: nginx/1.10.1
ETag: f85c40d6b08711862aa965f40e93f68c
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Access-Control-Allow-Origin: https://savvy.qrticket.com.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 42

GET
H2 200 jsonBasketGet.php Show response
savvy.qrticket.com.ua/api/ 88 B
494 B 118ms
118ms XHR
application/json 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://savvy.qrticket.com.ua/api/jsonBasketGet.php

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/js/module.sepet.js?1629262039

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 / PHP/7.2.34

Resource Hash

50ecd083d95f395039c803d821e1653f62fa5ab2e0bfdc7a1ecd8ee2fcda3dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /api/jsonBasketGet.php
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 04:47:20 GMT
x-content-type-options: nosniff
server: nginx/1.14.2
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34
x-powered-cms: Bitrix Site Manager (d0052ed61ad60db8853790af9d05b276)
vary: HTTPS
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=15768000
content-type: application/json
content-length: 88
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 cart.png
savvy.qrticket.com.ua/bitrix/templates/qrticket/images/ 926 B
1 KB 20ms
19ms Image
image/png 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/images/cart.png

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

323d1de5a5fa6652398518d1c53a4d8f1e4af052eaa8334e82a6f6ba47fb0a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/images/cart.png
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2019 08:36:50 GMT
server: nginx/1.14.2
etag: "5d4a8da2-39e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 926
expires: Fri, 17 Sep 2021 04:47:20 GMT

GET
H2 200 bg-seminar.jpg
savvy.qrticket.com.ua/bitrix/templates/qrticket/images/ 264 KB
264 KB 20ms
19ms Image
image/jpeg 138.201.118.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://savvy.qrticket.com.ua/bitrix/templates/qrticket/images/bg-seminar.jpg

Requested by

Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.201.118.48 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.48.118.201.138.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

4e4d1ff76db47c1047d1d6e6589a19bd6e5f9aa800351472efc2c2d778803f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /bitrix/templates/qrticket/images/bg-seminar.jpg
pragma: no-cache
cookie: PHPSESSID=gu4acu6tam2tg8811mtqfp49iq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: savvy.qrticket.com.ua
referer: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/css/public.css?1629262039
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Oct 2019 12:45:21 GMT
server: nginx/1.14.2
etag: "5d934a61-41f82"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
strict-transport-security: max-age=15768000
accept-ranges: bytes
content-length: 270210
expires: Fri, 17 Sep 2021 04:47:20 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v12/ 29 KB
29 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea7c08207bf016c414051b132152afb005bfd6cd3382b95987fb70ee6a96e2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:58:22 GMT
x-content-type-options: nosniff
age: 46138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29880
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:58:22 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 22:35:29 GMT
x-content-type-options: nosniff
age: 108711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 22:35:29 GMT

GET
H3-29 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 75 KB
76 KB 34ms
21ms Font
font/woff2 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-brands-400.woff2
Requested by: Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ccf1652fc1d765e8baae449dfe64d9a4c826da326c03085eb8603a17a7e175d

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:20 GMT
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 76732
last-modified: Wed, 17 Mar 2021 02:28:17 GMT
server: cloudflare
etag: "f226ebb9ea1cc388279081a65b6a7bb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roKH1soABgqh0f7fezXx9V4Jke3JHua%2B4ASFA5FMaQhBIbfyX%2F%2F9sfV92k%2FQJPS5kyVLUdEvB3NIOHCkghqD1syIXB9SHgoUtdFxtK34qyQ1c3KLvJcWRA9YUL0IzlctPbcw5lK5uMmWFN2ZdueeABMd9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 680880e6ca2dc272-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Yfe1qRX2yeu5GK5EWbcMTsUBQSiEZEyORntCWRbZjwYbyFlgAj2wKA==

GET
H3-29 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 13 KB
14 KB 28ms
15ms Font
font/woff2 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-regular-400.woff2
Requested by: Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f397092cf73336318795755fd359194072438816835d2cd3a2d01948db7a0d1f

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:20 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13292
last-modified: Wed, 17 Mar 2021 02:28:17 GMT
server: cloudflare
etag: "3f46d884913ca952661ea484e4646fd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmEzc%2FE3QY0yO2ZXCgdxrxSHuhyXjl5JjEmNrXEcNOgmU2jIhN7ggery16%2FGS%2BFc1Mu9ITCl7K791Xswt4duRLdODoOoh8s%2B5zIuaQ5rxdj8mzJVB0fVKi8XGlzZZiZrJG1zePoC%2FUJBvME%2BhC1JrOpI5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 680880e6ca2ec272-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: UP2gXqs4L5yD2s3yVIhedorxq_Viu6R4MzJ0n4V9bMGiAaftgyyU5w==

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 19:47:58 GMT
x-content-type-options: nosniff
age: 118762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 19:47:58 GMT

GET
H3-29 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v12/ 28 KB
28 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86de45c48686f20bcd29801c5deee8e780ac3661a0355e90c256980d764771ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 05:12:20 GMT
x-content-type-options: nosniff
age: 84900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28564
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 05:12:20 GMT

GET
H3-29 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.3/webfonts/ 76 KB
77 KB 21ms
21ms Font
font/woff2 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.woff2
Requested by: Host: savvy.qrticket.com.ua
URL: https://savvy.qrticket.com.ua/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b

Request headers

Origin: https://savvy.qrticket.com.ua
Referer: https://savvy.qrticket.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 04:47:20 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 78212
last-modified: Wed, 17 Mar 2021 02:28:18 GMT
server: cloudflare
etag: "4e463cfb29c596ba3bb8b0c2469914e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxdrnEybfgL1Oiji8IBMdTqE5LC9J26LPMlejoFW34zs4usxEjJMsjYanILhCrB3YPRHNY1X3XONDuY3ddX%2B5mxHbQ2%2B5bXHG%2FhAbOnaZdDsnM8e%2BMGP1KtIcpaGF8wtihR7pljMlTx2RcXBmSw2Cykb6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 680880e70a6fc272-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: SZ7rpIhXiCEkGgDVFMzsMKelNQ_L1CQD_P7jbsaUtaVyNk159M2q7w==

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
savvy.qrticket.com.ua/	1970-01-20 05:19:58	Name: BITRIX_CONVERSION_CONTEXT_s1 Value: %7B%22ID%22%3A2%2C%22EXPIRE%22%3A1629320340%2C%22UNIQUE%22%3A%5B%22conversion_visit_day%22%5D%7D
savvy.qrticket.com.ua/	1970-01-23 12:10:22	Name: BX_USER_ID Value: f85c40d6b08711862aa965f40e93f68c
savvy.qrticket.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: gu4acu6tam2tg8811mtqfp49iq

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://savvy.qrticket.com.ua/bitrix/templates/qrticket/js/module.sepet.js?1629262039(Line 156) Message: undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bitrix.info
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
savvy.qrticket.com.ua
use.fontawesome.com
www.google.com
www.gstatic.com
138.201.118.48
176.34.224.15
2606:4700:3037::6815:4e07
2606:4700:3037::ac43:a12f
2606:4700::6812:1734
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a04:4e42:3::485
065eb3954b9ea8584f535ede5b5c563383c3b40e4e0344f75a02c4bf3200314b
082854ebf8be85c418e4b1619c6f35d46e5912364f56b7ed997affc9bf6d64da
0d450d3485bfccdb586e70ba26d890ba900cf3efcdea34bccdad5a17c489e92e
1ccf1652fc1d765e8baae449dfe64d9a4c826da326c03085eb8603a17a7e175d
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
2415a7077ad33a2f00fb24dad358a39477e0d3440db49158865931bba7c4afd0
3053185fbbec232aa3a5500b1f4617bf459573930dbcdb0246ec472dd73de5fd
323d1de5a5fa6652398518d1c53a4d8f1e4af052eaa8334e82a6f6ba47fb0a10
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
380037d70f1d96d815421f9c7d008838b26e4c97cfa290b079a57639e401aa1e
40a8f997f0fc8d8ae32685cc368abe8a94f5e0d0312b6265afb26587332364e6
40ccb0c56aae84ba6613ea22d5d84fe6d3565492a6bf2e51318e00590fdab472
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4e4d1ff76db47c1047d1d6e6589a19bd6e5f9aa800351472efc2c2d778803f2d
50ecd083d95f395039c803d821e1653f62fa5ab2e0bfdc7a1ecd8ee2fcda3dcd
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
760f09d5bd897c7320a4dfd011f0097ee725f53d13d25a03d88da5d1b4a1360f
78aea209182119230c6173b65f1a834c040ef5c0a99bbe36af1178d95eef0f84
7953631f0e54794d2352a3cfa591c0914d73e14f90141058e3cf16bee7939bcf
801cc513e4b57aab6c91b58a8bb5dd463e439888bb0ae438239f8fde1b803c14
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86de45c48686f20bcd29801c5deee8e780ac3661a0355e90c256980d764771ce
897c58672b375fd206d4df4ccd71a3fa3e29f739f4db5251b94895ad015f9710
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9c62a988ce546a62cd0f6fbe68cc0a7300407194eb1ddd9d3a272ad16d32c1a7
a2f5e7bfc8346b1d752b15b91879754fbb36d3a6ff621ee93ab1e537046e80b2
aea0613bc3e7ee6394796116296f9ca5d04a47487c331814b71341bc00bb3456
ba2fa6575d290e76c9c3a51039dfc7ae4d0f5ba8c8195a8dc09095b18b646a58
baa83d723fdcca5fe346bcd2b5e774975daabc44ab9c0a2643b965e2eea6441b
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
c62829fc68da0d0d892ef022ce65c5198177c38ec356c5f67b9aee0f397f4b03
cc3d73d2397646ddaf15e6f2541dd6c7da5f259059881eb6d4ca64ec0e87fb63
ccc5ed4bcfe99b08fb38fabeb269900eb0fde65a84a9347e8fbe6d5666460044
d0f573cf68968656b3f9d3b51bda9bcd36a89ec56129a6ac57ae9b1510633409
db8b8e836881534b3e62cf633db64f28af421e09feaae85bd3f3249912053c65
ea7c08207bf016c414051b132152afb005bfd6cd3382b95987fb70ee6a96e2db
f397092cf73336318795755fd359194072438816835d2cd3a2d01948db7a0d1f
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
fe1088752c3381c3fd46c96435f9bf0019ae2cf2c1026007aa49a52a0fb9bda9

savvy.qrticket.com.ua Open in urlscan Pro 138.201.118.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

82 %IPv6

7 Domains

11 Subdomains

11 IPs

3 Countries

1064 kBTransfer

1839 kBSize

3 Cookies

2 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

savvy.qrticket.com.ua Open in urlscan Pro
138.201.118.48 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

82 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

1064 kB
Transfer

1839 kB
Size

3
Cookies

40 HTTP transactions
0 data transactions