www.tickets-shop.pro
Open in
urlscan Pro
45.147.197.70
Malicious Activity!
Public Scan
Submission: On June 22 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by R3 on June 22nd 2022. Valid for: 3 months.
This is the only time www.tickets-shop.pro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Visa (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 45.147.197.70 45.147.197.70 | 204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands) | |
2 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2606:50c0:800... 2606:50c0:8003::154 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:7aaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 45.130.41.42 45.130.41.42 | 198610 (BEGET-AS) (BEGET-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
5 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a02:6ea0:c70... 2a02:6ea0:c700::18 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
1 | 3.120.78.93 3.120.78.93 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2a02:6ea0:c70... 2a02:6ea0:c700::11 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
27 | 13 |
ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: s21.server-panel.net
www.tickets-shop.pro |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-78-93.eu-central-1.compute.amazonaws.com
bootstrap.smartsuppchat.com |
ASN60068 (CDN77 ^_^, GB)
widget-v2.smartsuppcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
smartsuppcdn.com
widget-v2.smartsuppcdn.com — Cisco Umbrella Rank: 46732 |
175 KB |
5 |
gstatic.com
fonts.gstatic.com |
60 KB |
3 |
githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4219 |
86 KB |
3 |
tickets-shop.pro
www.tickets-shop.pro |
35 KB |
2 |
smartsuppchat.com
www.smartsuppchat.com — Cisco Umbrella Rank: 44284 bootstrap.smartsuppchat.com — Cisco Umbrella Rank: 41623 |
6 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 329 fonts.googleapis.com — Cisco Umbrella Rank: 67 |
32 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793 |
40 KB |
1 |
snipp.ru
snipp.ru |
2 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 1049 |
2 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246 |
31 KB |
0 |
paynets.space
Failed
paynets.space Failed |
|
27 | 11 |
Domain | Requested by | |
---|---|---|
6 | widget-v2.smartsuppcdn.com |
www.smartsuppchat.com
widget-v2.smartsuppcdn.com |
5 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | raw.githubusercontent.com |
www.tickets-shop.pro
|
3 | www.tickets-shop.pro |
www.tickets-shop.pro
|
2 | maxcdn.bootstrapcdn.com |
www.tickets-shop.pro
|
1 | bootstrap.smartsuppchat.com |
www.smartsuppchat.com
|
1 | www.smartsuppchat.com |
www.tickets-shop.pro
|
1 | fonts.googleapis.com |
www.tickets-shop.pro
|
1 | snipp.ru |
www.tickets-shop.pro
|
1 | unpkg.com |
www.tickets-shop.pro
|
1 | cdnjs.cloudflare.com |
www.tickets-shop.pro
|
1 | ajax.googleapis.com |
www.tickets-shop.pro
|
0 | paynets.space Failed |
www.tickets-shop.pro
|
27 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
tickets-shop.pro R3 |
2022-06-22 - 2022-09-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.github.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-07 - 2023-04-07 |
a year | crt.sh |
snipp.ru R3 |
2022-06-09 - 2022-09-07 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-01 - 2022-12-29 |
a year | crt.sh |
*.smartsuppcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-11-04 - 2022-11-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.tickets-shop.pro/
Frame ID: 7A21017C5DE6F40AF7F057438EBBFC56
Requests: 22 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.f96a8cb3.js
Frame ID: 413F5B7B03BBDCCC163DC18A8BCE61B9
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Оплата | PayloftDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.tickets-shop.pro/ |
85 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.tickets-shop.pro/css/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chip.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/ |
91 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue-the-mask.js
unpkg.com/vue-the-mask@0.11.1/dist/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
card.js
www.tickets-shop.pro/js/ |
2 KB 801 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ |
59 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wait.gif
paynets.space/assets/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.min.js
snipp.ru/cdn/maskedinput/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HI_SiYsKILxRpg3hIP6sJ7fM7PqlOevWjMY.woff2
fonts.gstatic.com/s/sourcecodepro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
fonts.gstatic.com/s/sourcecodepro/v21/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
7 KB 7 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
19.jpeg
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
63 KB 63 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.smartsuppchat.com/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bc0aa45b25dfb66189776ce37febaf4290d36b0a.json
bootstrap.smartsuppchat.com/widget/ |
1008 B 631 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asset-manifest.json
widget-v2.smartsuppcdn.com/ |
2 KB 704 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.f96a8cb3.js
widget-v2.smartsuppcdn.com/static/js/ Frame 413F |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.fffa7e5c.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 413F |
510 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.500b0156.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 413F |
117 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ru.json
widget-v2.smartsuppcdn.com/translates/ Frame 413F |
6 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
widget-v2.smartsuppcdn.com/translates/ Frame 413F |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- paynets.space
- URL
- https://paynets.space/assets/img/wait.gif
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Visa (Financial)26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| Vue object| VueTheMask object| bootstrap object| _0x2a31 function| _0x526a function| _0x541884 function| _0x46429b function| _0x52ab34 function| _0x37ad72 function| _0x2d9238 function| _0x3067b0 object| civchat object| _smartsupp function| smartsupp boolean| SMARTSUPP_LOADED object| $smartsupp4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tickets-shop.pro/ | Name: __ddg1_ Value: OeAFx2z1mvvrTN7Gp4DJ |
|
www.tickets-shop.pro/ | Name: PHPSESSID Value: pq5imf9fbkacn337114fuer240 |
|
www.tickets-shop.pro/ | Name: ssupp.vid Value: vivX10vsr9AmW |
|
www.tickets-shop.pro/ | Name: ssupp.visits Value: 1 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
bootstrap.smartsuppchat.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
paynets.space
raw.githubusercontent.com
snipp.ru
unpkg.com
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
www.tickets-shop.pro
paynets.space
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:acf
2606:50c0:8003::154
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a02:6ea0:c700::11
2a02:6ea0:c700::18
3.120.78.93
45.130.41.42
45.147.197.70
012790c3e6ea7aa6b6e45cd1d578dafd3fc382323dde28098060a59c40524427
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
175ef860729a6f3aa7c0a7954152bddbed5446affa2fe2931be79ffed5e20f87
1a9548347c9b338b3168bc5eb94c8206490a3462efc3c674632e9e9236785d54
443081e3c3415236f7c5cb0f2375ce977e59e482aa01794685c3fe7ff89ebf3e
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8
652369a1d8494c6f8e38a3af225e3834f0162a04c318c26fd9558af097d7415c
666518ed9e91c024b839dbdcfac7f45900012d89c998a931f09482279c27e269
6a13157646e61c8ff79e020b60bb10b10c6f911762714de5ec2f1acec75e9b7b
72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
9a9c361f0b0325e795decbe98a5b2d177eb184db2bc85d047f16e7a2a9e23d49
9ef6dd0c1dbd61b792f7791c989d68b3939263c502269643f8e96c28f7e49a15
a320df24001eaff2b9da352bcf0d72a65d30488fdf52f9d7364fa0358d27075d
aaddbc751b83029cf015c5db33c759ef1aacea5686e9e6782eee735956e34a7f
acce91c82cedc2cb341fba4bf9aae3096820fa28dc67b4cce8a86a575b11ef7d
b772bcd2c6ba7f7daa2469bebcb4ad0f242f56781cba2e9312ce68f2ad5ee24b
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c5f815af31970aed62e64f5b5fc22df95bd12eec0554df31376646314dc58c72
d9079f1c1dbd232c472aa7be72b774ddf1bf25852f0c5db2d741a4ab9b72d35c
e47e4a74d0833c2dbb398eb3150e8811da0ad66e9547c832d98fe2406fa15656
ee9f6ee9fe518505cd93dbfe14657f396eec263954145af01c6198b38dc66d2a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62