clicks.biletix.ru Open in urlscan Pro
46.248.181.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicks.biletix.ru/c/cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/10b10dab
Effective URL:
https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emai...
Submission: On September 10 via api (September 10th 2020, 6:53:59 pm UTC) from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 46.248.181.124, located in Gdańsk, Poland and belongs to IQPL-AS, PL. The main domain is clicks.biletix.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 4th 2020. Valid for: 3 months.

This is the only time clicks.biletix.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	46.248.181.124 46.248.181.124	47544 (IQPL-AS) (IQPL-AS)
8	5.188.159.40 5.188.159.40	49505 (SELECTEL) (SELECTEL)
1	18.188.5.236 18.188.5.236	16509 (AMAZON-02) (AMAZON-02)
12	3

4 46.248.181.124 (Gdańsk, Poland) 1 redirects

ASN47544 (IQPL-AS, PL)
PTR: 46-248-181-124.rev.iq.pl

clicks.biletix.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.188.159.40 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)

imgems.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.188.5.236 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-5-236.us-east-2.compute.amazonaws.com

api.retentioneering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	imgems.ru imgems.ru	32 KB
4	biletix.ru 1 redirects clicks.biletix.ru	174 KB
1	retentioneering.com api.retentioneering.com
12	3

	Domain	Requested by
8	imgems.ru	clicks.biletix.ru
4	clicks.biletix.ru	1 redirects clicks.biletix.ru
1	api.retentioneering.com	clicks.biletix.ru
12	3

This site contains no links.

Subject Issuer	Validity	Valid
clicks.biletix.ru Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh
imgems.ru Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-03-06`	9 months	crt.sh
api.retentioneering.com Let's Encrypt Authority X3	`2020-09-05` - `2020-12-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
Frame ID: 16C240DC8B978E9BABDD4965CA4E1374
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clicks.biletix.ru/c/cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/10b10dab HTTP 302
https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Em... Page URL

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

206 kB
Transfer

234 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicks.biletix.ru/c/cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/10b10dab HTTP 302
https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 53e247c0 Show response
clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/
Redirect Chain

https://clicks.biletix.ru/c/cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/10b10dab
https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

37 KB
6 KB

308ms
307ms

Document
text/html

46.248.181.124
IQPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.248.181.124 Gdańsk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 46-248-181-124.rev.iq.pl
Software: /
Resource Hash: 0443c5457165c6bfd477d2210410deec7978d65e851772fdb82c91e31cd2e7de

Request headers

:method: GET
:authority: clicks.biletix.ru
:scheme: https
:path: /v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TEMP_DATA=a11e9b66-52af-4fd9-b8b5-5eb06f1c22ca; esg1=cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/a6b61ed2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Sep 2020 18:53:42 GMT
content-length: 5660

Redirect headers

status: 302
cache-control: private
content-type: text/html; charset=utf-8
location: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
set-cookie: TEMP_DATA=a11e9b66-52af-4fd9-b8b5-5eb06f1c22ca; path=/ esg1=cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/a6b61ed2; path=/
date: Thu, 10 Sep 2020 18:53:41 GMT
content-length: 284

GET
H/1.1 200
OK shadow.png
imgems.ru/biletix/30102018/ 1 KB
1 KB 241ms
46ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/shadow.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

cf892ff9aade06f2014df278d9605fd5fc81761ab50ea10b7cdd54d3e453cebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5bd8a3a9-428"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1064
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H/1.1 200
OK logo.png
imgems.ru/biletix/30102018/ 5 KB
5 KB 249ms
47ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/logo.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

add2ac709f8289d798bbbae97c14694715d5069106fe14b2da420bad9cb0ad31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa39-12ea"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4842
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H2 200 img-bigpic-1.jpg
clicks.biletix.ru/Content/i2/10141/HostedImages/2228/ 168 KB
168 KB 61ms
58ms Image
image/jpeg 46.248.181.124
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clicks.biletix.ru/Content/i2/10141/HostedImages/2228/img-bigpic-1.jpg
Requested by: Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.248.181.124 Gdańsk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 46-248-181-124.rev.iq.pl
Software: Microsoft-IIS/10.0 /
Resource Hash: de005e90d27de196240610dfc1264abe50de2b6de7295efb29a9569b44fb1ebc

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 18:53:42 GMT
last-modified: Fri, 29 Mar 2019 14:18:19 GMT
server: Microsoft-IIS/10.0
etag: "108081423ae6d41:0"
content-type: image/jpeg
status: 200
cache-control: no-cache
accept-ranges: bytes
content-length: 171887

GET
H/1.1 200
OK ig.png
imgems.ru/biletix/30102018/ 5 KB
5 KB 264ms
51ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/ig.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

f4cc87b5bbed1162aeb1f19f9166c867cf080c631e6e2d08227f703cf48010fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa20-1278"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4728
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H/1.1 200
OK vk.png
imgems.ru/biletix/30102018/ 3 KB
3 KB 261ms
46ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/vk.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

8dc7c0a0e485aff85aaf4334e607a8ac10c3b5980a1b101b217480c07f5717a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa20-bf7"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3063
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H/1.1 200
OK fb.png
imgems.ru/biletix/30102018/ 2 KB
3 KB 280ms
57ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/fb.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

e4888c4e382594aa24895eacafb04f6d7e4792753f5c75b478cc2b62cedf43fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa20-928"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2344
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H/1.1 200
OK bl.png
imgems.ru/biletix/30102018/ 3 KB
3 KB 276ms
45ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/bl.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

b41d20adb63156bdb33bb33995d242c7540e10192903c7be7629d8901b468054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa20-b4f"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2895
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H/1.1 200
OK as.png
imgems.ru/biletix/30102018/ 5 KB
5 KB 165ms
46ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/as.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

9b8d377adbbfdde57e6e00dd00f7fde90688a58477d9d841cc8af5587a28e60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa21-142e"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:00 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5166
Expires: Thu, 10 Sep 2020 18:58:00 GMT

GET
H/1.1 200
OK gp.png
imgems.ru/biletix/30102018/ 6 KB
7 KB 181ms
46ms Image
image/png 5.188.159.40
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgems.ru/biletix/30102018/gp.png

Requested by

Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

5.188.159.40 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx/1.19.2 /

Resource Hash

8a6e3b72b8177d0bd1f70a6f7432e41988359fbb35b2c4ae983f8c58c41428a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000;
Server: nginx/1.19.2
ETag: "5c65aa21-194f"
Content-Type: image/png
Cache-Control: max-age=600, s-maxage=10
Date: Thu, 10 Sep 2020 18:48:01 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6479
Expires: Thu, 10 Sep 2020 18:58:01 GMT

GET
H2 200 22b9bd80
clicks.biletix.ru/o/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/i8fh/F/ 43 B
106 B 185ms
184ms Image
image/gif 46.248.181.124
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clicks.biletix.ru/o/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/i8fh/F/22b9bd80
Requested by: Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.248.181.124 Gdańsk, Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 46-248-181-124.rev.iq.pl
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 10 Sep 2020 18:53:42 GMT
cache-control: no-cache, max-age=0
content-type: image/gif

GET
H/1.1 502
Bad Gateway pixel.gif
api.retentioneering.com/ 0
0 355ms
114ms Image
text/html 18.188.5.236
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.retentioneering.com/pixel.gif?data=%7B%22source%22%3A%20%22biletix%22%2C%20%22event_name%22%3A%20%22email_open%22%2C%20%22user_id%22%3A%20%22jeannie.may@firstcitizens.com%22%7D
Requested by: Host: clicks.biletix.ru
URL: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 18.188.5.236 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-188-5-236.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clicks.biletix.ru/v/cAl/Ktyb7jA4Rhg3P0i6Tnrdly/53e247c0?utm_source=rassilkaES_AR&utm_medium=Email&utm_content=emailAR2&utm_campaign=emailARwelcome2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			clicks.biletix.ru/	1969-12-31 23:59:59	Name: esg1 Value: cAl/c4z7/Ktyb7jA4Rhg3P0i6Tnrdly/Fx/i8fh/F/a6b61ed2
			clicks.biletix.ru/	1969-12-31 23:59:59	Name: TEMP_DATA Value: a11e9b66-52af-4fd9-b8b5-5eb06f1c22ca

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.retentioneering.com
clicks.biletix.ru
imgems.ru
18.188.5.236
46.248.181.124
5.188.159.40
0443c5457165c6bfd477d2210410deec7978d65e851772fdb82c91e31cd2e7de
8a6e3b72b8177d0bd1f70a6f7432e41988359fbb35b2c4ae983f8c58c41428a5
8dc7c0a0e485aff85aaf4334e607a8ac10c3b5980a1b101b217480c07f5717a3
9b8d377adbbfdde57e6e00dd00f7fde90688a58477d9d841cc8af5587a28e60a
add2ac709f8289d798bbbae97c14694715d5069106fe14b2da420bad9cb0ad31
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b41d20adb63156bdb33bb33995d242c7540e10192903c7be7629d8901b468054
cf892ff9aade06f2014df278d9605fd5fc81761ab50ea10b7cdd54d3e453cebf
de005e90d27de196240610dfc1264abe50de2b6de7295efb29a9569b44fb1ebc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4888c4e382594aa24895eacafb04f6d7e4792753f5c75b478cc2b62cedf43fd
f4cc87b5bbed1162aeb1f19f9166c867cf080c631e6e2d08227f703cf48010fb

clicks.biletix.ru Open in urlscan Pro 46.248.181.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

206 kBTransfer

234 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

Indicators

clicks.biletix.ru Open in urlscan Pro
46.248.181.124 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

206 kB
Transfer

234 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions