urlscan.io logo urlscan.io
SecurityTrails logo

ep.clark7ticket.click Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cutt.ly/7BLWgDI?2249436
Effective URL: https://ep.clark7ticket.click/
Submission: On October 19 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 9 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ep.clark7ticket.click.
TLS certificate: Issued by GTS CA 1P5 on October 13th 2022. Valid for: 3 months.
This is the only time ep.clark7ticket.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 135.181.100.101 24940 (HETZNER-AS)
1 190.115.19.207 262254 (DDOS-GUAR...)
1 20 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 190.115.19.162 262254 (DDOS-GUAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 7
2    2606:4700:10::6816:1e8 (United States)

ASN13335 (CLOUDFLARENET, US)
cutt.ly
2    135.181.100.101 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.101.100.181.135.clients.your-server.de
okkl.online
1    190.115.19.207 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
propaymentss.expert
20    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
topagentday.top
ep.clark7ticket.click
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    190.115.19.162 (Belize City, Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
e-pay.plus
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
17 clark7ticket.click
ep.clark7ticket.click
533 KB
3 topagentday.top
topagentday.top
6 KB
2 gstatic.com
fonts.gstatic.com
70 KB
2 okkl.online
okkl.online
1 KB
2 cutt.ly
cutt.ly — Cisco Umbrella Rank: 82494
781 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 e-pay.plus
e-pay.plus
204 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
29 KB
1 propaymentss.expert
propaymentss.expert
353 B
27 9
Domain Requested by
17 ep.clark7ticket.click topagentday.top
ep.clark7ticket.click
3 topagentday.top 1 redirects okkl.online
topagentday.top
2 fonts.gstatic.com fonts.googleapis.com
2 okkl.online okkl.online
2 cutt.ly 2 redirects
1 fonts.googleapis.com ep.clark7ticket.click
1 e-pay.plus topagentday.top
1 code.jquery.com topagentday.top
1 propaymentss.expert okkl.online
27 9

This site contains no links.

Subject Issuer Validity Valid
okkl.online
R3		 2022-08-03 -
2022-11-01		 3 months crt.sh
propaymentss.expert
R3		 2022-09-20 -
2022-12-19		 3 months crt.sh
*.topagentday.top
E1		 2022-10-17 -
2023-01-15		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
e-pay.plus
R3		 2022-10-13 -
2023-01-11		 3 months crt.sh
*.clark7ticket.click
GTS CA 1P5		 2022-10-13 -
2023-01-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ep.clark7ticket.click/
Frame ID: 675B9BD1036FC3E0F72F5E22DDFD9650
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Главная

Page URL History Show full URLs

  1. http://cutt.ly/7BLWgDI?2249436 HTTP 301
    https://cutt.ly/7BLWgDI?2249436 HTTP 301
    https://okkl.online/tds/ Page URL
  2. https://topagentday.top//tds/ks8i HTTP 302
    http://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667 HTTP 307
    https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667 Page URL
  3. https://ep.clark7ticket.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

63 %
IPv6

9
Domains

9
Subdomains

7
IPs

5
Countries

845 kB
Transfer

1873 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cutt.ly/7BLWgDI?2249436 HTTP 301
    https://cutt.ly/7BLWgDI?2249436 HTTP 301
    https://okkl.online/tds/ Page URL
  2. https://topagentday.top//tds/ks8i HTTP 302
    http://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667 HTTP 307
    https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667 Page URL
  3. https://ep.clark7ticket.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cutt.ly/7BLWgDI?2249436 HTTP 301
  • https://cutt.ly/7BLWgDI?2249436 HTTP 301
  • https://okkl.online/tds/
Request Chain 3
  • https://topagentday.top//tds/ks8i HTTP 302
  • http://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667 HTTP 307
  • https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
okkl.online/tds/
Redirect Chain
  • http://cutt.ly/7BLWgDI?2249436
  • https://cutt.ly/7BLWgDI?2249436
  • https://okkl.online/tds/
315 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://okkl.online/tds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.181.100.101 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.101.100.181.135.clients.your-server.de
Software
nginx /
Resource Hash
579378ee13698bddf42e65e32795ac54f2c028b4c6347c04404fdcdaaee1bae0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
252
content-type
text/html; charset=utf-8
date
Wed, 19 Oct 2022 07:37:23 GMT
etag
"13b-5e915b450a4ec-gzip"
last-modified
Tue, 20 Sep 2022 06:11:52 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75c7d91ee9515be5-FRA
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 07:37:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://okkl.online/tds/
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
tds.js
okkl.online/tds/ 		2 KB
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://okkl.online/tds/tds.js
Requested by
Host: okkl.online
URL: https://okkl.online/tds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
135.181.100.101 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.101.100.181.135.clients.your-server.de
Software
nginx /
Resource Hash
f7933b4d57543d7a108781e5bed6a8a77d2dc29b1c2bac062d1c354392b97fc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://okkl.online/tds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:23 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 06:10:21 GMT
server
nginx
etag
W/"6329594d-796"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
request_tds.php
propaymentss.expert/ 		44 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propaymentss.expert/request_tds.php
Requested by
Host: okkl.online
URL: https://okkl.online/tds/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.207 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://okkl.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Wed, 19 Oct 2022 07:37:23 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-encoding
gzip
server
ddos-guard
x-frame-options
ALLOWALL
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
bacj
topagentday.top/
Redirect Chain
  • https://topagentday.top//tds/ks8i
  • http://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
  • https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
Requested by
Host: okkl.online
URL: https://okkl.online/tds/tds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0635921cbb46848a58c589e66606d609b8c0f19295d098d87e8699b8925d4f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75c7d927ccc190ef-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Wed, 19 Oct 2022 07:37:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umB5oL5C03SUOpTUDVZiHsrTseN4hRzkB7XRWk3Slkm1bLpL6WL%2Bmgauv%2FprHw94ip9S%2FPHPdcuk2IRBLkGWTmJZGvLFx6m1GFevsICfxnpqCgwW50Pd%2FRIqk7K32lScf9DA%2Bu%2FZBWlzIlbG3M0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
ALLOWALL

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
Non-Authoritative-Reason
HSTS
jquery-2.1.3.min.js
code.jquery.com/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.1.3.min.js
Requested by
Host: topagentday.top
URL: https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://topagentday.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:24 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14960"
vary
Accept-Encoding
x-hw
1666165044.dop007.fr8.t,1666165044.cds097.fr8.hn,1666165044.cds210.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29507
jquery.syotimer.js
topagentday.top/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://topagentday.top/js/jquery.syotimer.js
Requested by
Host: topagentday.top
URL: https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:24 GMT
content-security-policy
upgrade-insecure-requests;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jun 2019 09:48:00 GMT
server
cloudflare
etag
W/"5d11edd0-286f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
ddg-cache-status
HIT
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=999w1q7B%2BwDLPR45xIw5XnHzHKf1pjPzZTNsRPyPE35jNwzQb0FYVGQNM1g2CRIYEmCgVDPorrxZjPMsltdM6DjDbrAWQNC0BF97%2FAiP4boayPZ0Cq6ZumvI8FStNAWuPaeK1WHnT6ackBITJIs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
75c7d9289d5291fb-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
8143.jpg
e-pay.plus/i/product/814/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e-pay.plus/i/product/814/8143.jpg
Requested by
Host: topagentday.top
URL: https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.19.162 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ddos-guard /
Resource Hash
0a522d68674774fedc7ec3bcaa522ca6ae681931cbebec1ed8603b171c495722
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://topagentday.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
date
Sat, 15 Oct 2022 13:50:18 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15768000; includeSubdomains; preload
last-modified
Tue, 29 Jun 2021 18:48:16 GMT
server
ddos-guard
age
323227
etag
"60db6af0-32fa1"
x-frame-options
ALLOWALL
content-type
image/jpeg
access-control-allow-origin
*
ddg-cache-status
HIT
accept-ranges
bytes
content-length
208801
Primary Request /
ep.clark7ticket.click/ 		1 KB
958 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/
Requested by
Host: topagentday.top
URL: https://topagentday.top/bacj?tds=1&url_id=415&url_full_id=2667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34375164159ab1d12e806ca43f4e51baef2bdf898ecea7581048c854568b9f61

Request headers

Referer
https://topagentday.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75c7d92e0e0a9244-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 07:37:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3oPYgqj2%2BUFnv2ZYPkdu%2BHTfxgUlDyQmV5pWzbCQfavFSw5XtuQ3yU3XPs7KZzRYMvjk0AKjueIWDV8AyKoL8uAfUUtZhStcM%2BeK91ukIM67TPHRweIeaf7tUr6e2Lkh%2BEJJibwo7ksbKQSPbT91ejOBz0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.53117119e44f7af8cea70955a9d42e11.css
ep.clark7ticket.click/static/css/ 		154 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/css/app.53117119e44f7af8cea70955a9d42e11.css
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b30a3478c30f09ba7e571a3ba527f3c9a95ddb21a87c013214e46cc7b43f7d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117
etag
W/"63493c45-26644"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cul5%2BqAy1XSqOeAfgeitVVwj%2BGCMjZWIzwI2lcsk556Rs%2BCkdd4OUctLVaiAPG8FvPMOVd3Om8qZhSDDZiM7XSP01bIAjPh3O71n%2BFGmMcxZkU8P2ax%2FpbI1fll5kBhA3QVOlock4LA44cpT0x4MjgH0VTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
75c7d92f1ce3904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loading_spinner2.gif
ep.clark7ticket.click/static/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/loading_spinner2.gif
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:25 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117
etag
"63493c45-3fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zccu%2FG57q38AWBHQw%2F9zdlfTAr5HRuew9Nw5VRY%2BbaziMT9sZEXO2oPB6plTqg0qgIoNqiaADYDKtCBxOK8yoSZApOA0jdhxmVUqRxpOuiL17ljBrvG7yPGUzu%2FnxzbKg3QlOZXhaWTvEiTukPwqz2tBtO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d92f1ce5904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16338
manifest.2ae2e69a05c33dfc65f8.js
ep.clark7ticket.click/static/js/ 		799 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117
etag
W/"63493c46-31f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwa0bvL1btlsh8sB9jxyuYRcG8gKgvoCUPYFa1sS0yuAZvncNx5jTX5EPF%2B4sCEu5FDRBUpTBJzBlaBthAYN%2BIPJm%2Fl98VCh0ccqqsusKmWDBty%2FTb3YOeJfklswEkFxQdpoMtnBM317u%2F7gOu4v305i3jw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75c7d92f1ce7904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.a64cea12b36e58fc944a.js
ep.clark7ticket.click/static/js/ 		535 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/js/vendor.a64cea12b36e58fc944a.js
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14651c6e395990c9e3a434f628f1efd36acc6bf527f821c0822f7f4cdd1196c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117
etag
W/"63493c46-85ac4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HunQiEd0nAYs4PxM%2FqG7J8lxWCfJAu4VmV4O6IIYAXtMHEolZUMqAXer3qJCQDYhNGR3pUrReXfMUrSI%2F1u1Bh9QCKS14t4%2Fsj%2BQ3fyStTok%2BYlME%2F15jZSemPKzScm3vngnouVjAGIzb76qC%2F1nVpEMkQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75c7d92f1ce9904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.313f37ea554d1ee5dda0.js
ep.clark7ticket.click/static/js/ 		556 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/js/app.313f37ea554d1ee5dda0.js
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ee80fd7e33053c51a34e2761abc37e780089913bcadd7eb5afc28bad5098c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117
etag
W/"63493c46-8b071"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fa1rkzZFpMTAPRA1hninA%2Fuxau58q09EuAFMw4CKXBU0wUHk6BKbWvI8x6JmC%2F3M2lw5R7J7oAs4dSGsM0WChMUUqznZuRpudms0vhGVAByo8hWEUetcDaGJoqa2LHNoAmetL04flLO3JpVzDmxNPsVEsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
75c7d92f0cdf904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/static/css/app.53117119e44f7af8cea70955a9d42e11.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1260729b33262d98247f4a3bb56648f54699b94bd79d2f6e2b44e31607cf9b12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 19 Oct 2022 07:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 05:48:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Oct 2022 07:37:25 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ep.clark7ticket.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 18:50:34 GMT
x-content-type-options
nosniff
age
132411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 18:50:34 GMT
managerMessages.json
ep.clark7ticket.click/static/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/api/managerMessages.json
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7789f84816fd8fb6685a068be6ad9927709ddd62cd4ecc74e8843c214b147676

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.clark7ticket.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 14 Oct 2022 10:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7cf-5eafc3bf3347a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FO4g%2FFY%2Bvlyvn8BsudkAZCS8oDAoQpg8lzJddpDOloksVb3MDTF9BvMeDmw81C4%2B31b7cbvJVH0u9CEiZVK47HhYgey4TxY%2B1UcQAoVEEuWd%2Byu0kmGUXWqM%2FY6mOQt8c%2FMdgD22YTVnEGBHU9ATr1OiDq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
75c7d9313a48904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getDomain.php
ep.clark7ticket.click/static/php/ 		70 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/php/getDomain.php
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
ccf7501a59daed10def8da128411c79ddd878d12bbbfd6c43008acef03f7b349

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.clark7ticket.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0TtIeRwcVc3vwWsSmNYdEdJ1t7w5tmUvuaWfTMXU%2FEfMGEagxD8sHZzJtJROeYhmwv%2FUNw1iB8bQpsrTRQvAMcQT2dgTXCd3Eu6%2Fj5heWDzZ7RmvbW4oy5jQETYZoQNuJdh40m6wDr6rvxhePZAlfqO68g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
75c7d9313a4a904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
geo.php
ep.clark7ticket.click/static/php/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/php/geo.php
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
b616c8f83c246d25e2252e52e2012da9bc56e04486e592e5d6376acce6cdf53f

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.clark7ticket.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW6leUY7Ve%2BB%2BS7kFW6xGrn5kA6QEw80E79Ur00mc3pr1NL1jKze4v2%2Fm16AIT9D4e%2FBVKcIukAhR8WetC8MpXZZ84SH5FJStIx%2F0%2FQdecmRpPOVP1q3k83e5qmnOU97v7YXuqgMm29yA2EZlb1zXUeMA%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
75c7d9313a4c904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
getRate.php
ep.clark7ticket.click/static/php/ 		7 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/php/getRate.php
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
8e69a2aec3147645d6c73634253341710a9b95b2fa0fc70dc2df7f940afcdcf7

Request headers

Accept
application/json, text/plain, */*
Referer
https://ep.clark7ticket.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Boi2H5VVlm6Mnbjfp0BbissZZQA%2FGrtz1OnpolkbPOxSF0ZtTpv6G4FVRQKxoYjK5Ce%2Fp%2FdToA134wI2%2B0N63G%2FG0vWxq6c%2Fb0%2FwzERKzENaDEFebZlmR9pFRv58os3i8N1dUdfftImVQiIWU8AWtjXcBjw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
75c7d933e827904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
loading_spinner2.gif
ep.clark7ticket.click/static/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/loading_spinner2.gif
Requested by
Host: ep.clark7ticket.click
URL: https://ep.clark7ticket.click/static/js/vendor.a64cea12b36e58fc944a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
118
etag
"63493c45-3fd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJGkBThnY0ADtt2j2dWedXs0xhzwfCmA5O%2BH8tnZMwnNQI12wbtsKk6802a9XUF351koxiJ9F44PpD62kuhSDSTtW%2Bo3tISoIK9TH5HpU0OBpgp0LCk0rs8lbDWiBLvjfgd6sm4A8WAVEBIgLbuCjeWyPzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d933f858904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16338
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ep.clark7ticket.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 19:02:01 GMT
x-content-type-options
nosniff
age
131725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Oct 2023 19:02:01 GMT
1-checksmall.jpg
ep.clark7ticket.click/static/img/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/1-checksmall.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9216c81149df71901ee0c0fea4e6c059d595efeb6bd4b85ea913c62b2ac845c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
"63493c45-4435"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tze1zJZNje%2Fj2JuZeFAuktHt8Fg2EbBm2IdwcW1VhMz1BoX4Ed5xCPbEAf0Yo%2BS7l%2F1Qx07o5T9iSffYd3LxJFpf0r%2BKN%2FJlXzpgzjc8wfsUasdVw9rM6aNVfLmaQx0YETxdq4u5mhnT13UqZYhFU3B3ipc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d934598e904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17461
visatrio.png
ep.clark7ticket.click/static/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/visatrio.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be0c6e47f9314156e902d8a2c39c5c770c867309cf5097f81665f8adc356e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
"63493c45-102f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLxocRgGVkys60npDygthJBFNp56HaQ5J9rr4NqgsyJmkH%2BXhyqjYQ0Y0xcp8fVyMwG%2BYlOL9%2FUzlt%2FJ2MgCTuG5D8FAVXhS8Nxaivvv68fpXkrR2YHRaGtlOgy9miIYtJxRaXidLGujLkkfmQPa0vSg1cw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d9345993904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4143
manager.png
ep.clark7ticket.click/static/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/manager.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05844bb050d4b435e2c3cce402649d18f1746d37928e9d49316fa64951cca988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
"63493c45-2c4e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmNz9lt438BleKRs%2Bxj06SBcXKsGMBsZSsGPd2NENN%2Be8NXrVBdUurZbG2is5G11PBpwif5mYA41j%2FRiCeWgvkk367FURwOhthi4%2BOWGo7KKyMRFIavDOSChkuDZbT%2BLS5PSNaLJ5Q%2Fg0QaT1YnuFWJxYpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d9345995904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11342
chat.gif
ep.clark7ticket.click/static/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/chat.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985b513615c9ca45b6a11beedf94ab5ec9a590375d2840161cfa5671fe4de0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
"63493c45-a72"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTyWwUbB8LZuXS8otCa%2BHdzMJ5LsFrOCmUDJpFGmRN%2Bn1gW%2BltvS4JvdMbzvPHquuCSO3dbGRpwqGmM6VZDxMQqkQk9WVyrVyA5ZUVEHfi%2BiuzooCh9QdCrmCuhWwcyFZDW8eN9gzRGTV20aIoI1IQM7mCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d9345996904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2674
waiting.gif
ep.clark7ticket.click/static/img/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep.clark7ticket.click/static/img/waiting.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c40dafa98be0318bc1a87d359e27915755a6fafdd925b90ee6ea4981e4f89099

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ep.clark7ticket.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
"63493c45-1386d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TB1sy42Nrh3VI4zLdiJ9BLn9%2FwXWAB%2BysWCQttvYii1Rk89%2B4eGaCY%2BdKdNqEyPpRjQYp4L7mUpdezKl4g9A3xaxXZiJ%2BsVzN1DcX8EKPNeCPkAOq79CCXawhSlx%2BLULQJmd5sO3bhLt6n3%2FmBabOZapjRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
75c7d9345999904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79981
blim.0a4a5ef.mp3
ep.clark7ticket.click/static/media/ 		94 KB
95 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://ep.clark7ticket.click/static/media/blim.0a4a5ef.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85f193f95e312ce87ea00b0a3553edddbe403273c9fda54d2f4e101714a9b15

Request headers

Referer
https://ep.clark7ticket.click/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 19 Oct 2022 07:37:26 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Oct 2022 10:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
115
etag
"63493c45-17828"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv6pzqSLZlH3DjweJ7QUfJdbC0127vTjTyoRLiztsPCB78o23w6%2B3lXyrHgHiOi3Ll%2BUfi7%2BeLtGrnYVcHwkG0sYQY8ZDX8m0b%2BR3zSywJ84CpHzxVQgDdyIs9Vt53W2k5P2Uz1vPVVXySlPoLxPjPWiQo8%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-96295/96296
cache-control
max-age=14400
cf-ray
75c7d93469ac904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
96296

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| webpackJsonp object| _0x2fb9 function| _0x28b153 function| _0x3d20 function| _0x433391 function| _0x3d1fe9 object| __core-js_shared__

3 Cookies

Domain/Path Name / Value
cutt.ly/ Name: PHPSESSID
Value: gf0icc3jdp026jgv0bc7oi35tj
.topagentday.top/ Name: __ddg1_
Value: klfh40gLiClRC9ekO8NZ
.topagentday.top/ Name: cookieID
Value: 74787

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
cutt.ly
e-pay.plus
ep.clark7ticket.click
fonts.googleapis.com
fonts.gstatic.com
okkl.online
propaymentss.expert
topagentday.top
135.181.100.101
190.115.19.162
190.115.19.207
2001:4de0:ac18::1:a:3b
2606:4700:10::6816:1e8
2a00:1450:4001:801::2003
2a00:1450:4001:80f::200a
2a06:98c1:3120::3
05844bb050d4b435e2c3cce402649d18f1746d37928e9d49316fa64951cca988
0a522d68674774fedc7ec3bcaa522ca6ae681931cbebec1ed8603b171c495722
1260729b33262d98247f4a3bb56648f54699b94bd79d2f6e2b44e31607cf9b12
1a8162403bfffd36e97c3d0d2f07f8bdc2fc5e65b6638b0d8d951c58e7f95327
1b30a3478c30f09ba7e571a3ba527f3c9a95ddb21a87c013214e46cc7b43f7d6
34375164159ab1d12e806ca43f4e51baef2bdf898ecea7581048c854568b9f61
579378ee13698bddf42e65e32795ac54f2c028b4c6347c04404fdcdaaee1bae0
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5be0c6e47f9314156e902d8a2c39c5c770c867309cf5097f81665f8adc356e73
60ee80fd7e33053c51a34e2761abc37e780089913bcadd7eb5afc28bad5098c6
7789f84816fd8fb6685a068be6ad9927709ddd62cd4ecc74e8843c214b147676
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8e69a2aec3147645d6c73634253341710a9b95b2fa0fc70dc2df7f940afcdcf7
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
9216c81149df71901ee0c0fea4e6c059d595efeb6bd4b85ea913c62b2ac845c4
985b513615c9ca45b6a11beedf94ab5ec9a590375d2840161cfa5671fe4de0e4
b616c8f83c246d25e2252e52e2012da9bc56e04486e592e5d6376acce6cdf53f
b648262c5dd3817590d4077f423a487895ac9e0b185f3e7f683e6c75b24afe1b
c40dafa98be0318bc1a87d359e27915755a6fafdd925b90ee6ea4981e4f89099
c85f193f95e312ce87ea00b0a3553edddbe403273c9fda54d2f4e101714a9b15
ccf7501a59daed10def8da128411c79ddd878d12bbbfd6c43008acef03f7b349
d0635921cbb46848a58c589e66606d609b8c0f19295d098d87e8699b8925d4f1
d14651c6e395990c9e3a434f628f1efd36acc6bf527f821c0822f7f4cdd1196c
f7933b4d57543d7a108781e5bed6a8a77d2dc29b1c2bac062d1c354392b97fc9