eticket.qr2ur.com
185.2.5.85
Public Scan
Effective URL: https://eticket.qr2ur.com/login
Submission: On March 24 via automatic, source certstream-suspicious — Scanned from IT
Summary
TLS certificate: Issued by R3 on March 24th 2023. Valid for: 3 months.
This is the only time eticket.qr2ur.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 8 | 185.2.5.85 | 203461 (REGISTER_UK-AS) |
7 | 1 | |

 | Apex Domain Subdomains | Transfer |
---|---|---|
8 | qr2ur.com (1 redirects): eticket.qr2ur.com | 2 MB |
7 | 1 | |

 | Domain | Requested by |
---|---|---|
8 | eticket.qr2ur.com (1 redirects) | eticket.qr2ur.com |
7 | 1 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
eticket.qr2ur.com | R3 | 2023-03-24 - 2023-06-22 | 3 months |
This page contains 1 frames:
Primary Page:
https://eticket.qr2ur.com/login
Frame ID: 309A143EC23AC1042A22556BB5A893C5
Requests: 7 HTTP requests in this frame
Page Title
E-Ticket - Connexion
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://eticket.qr2ur.com/
HTTP 302
https://eticket.qr2ur.com/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login (Primary Request) | eticket.qr2ur.com/ (Redirect Chain) | 8 KB | 10 KB | Document | text/html |
GET | H/1.1 | app.css | eticket.qr2ur.com/css/ | 404 KB | 405 KB | Stylesheet | text/css |
GET | H/1.1 | fr.svg | eticket.qr2ur.com/images/pictos/ | 292 B | 573 B | Image | image/svg+xml |
GET | H/1.1 | en.svg | eticket.qr2ur.com/images/pictos/ | 837 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | 130-logo.png | eticket.qr2ur.com/images/ | 13 KB | 13 KB | Image | image/png |
GET | H/1.1 | footer.png | eticket.qr2ur.com/images/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | app.js | eticket.qr2ur.com/js/ | 2 MB | 2 MB | Script | application/javascript |
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless
object| webpackChunk
object| jsGrid
object| CanvasJS
function| _
function| Popper
function| $
function| html2canvas
object| jspdf
function| axios
object| L
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name |
---|---|---|
eticket.qr2ur.com/ | | XSRF-TOKEN |
eticket.qr2ur.com/ | | e_ticket_session |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
eticket.qr2ur.com
185.2.5.85