bilet.moskva-peterburg.ru Open in urlscan Pro
185.12.92.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bilet.sapsan.su/
Effective URL:
https://bilet.moskva-peterburg.ru/
Submission: On September 21 via automatic, source certstream-suspicious (September 21st 2022, 4:38:39 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 5 domains to perform 12 HTTP transactions. The main IP is 185.12.92.143, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is bilet.moskva-peterburg.ru.
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.

This is the only time bilet.moskva-peterburg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	185.12.92.143 185.12.92.143	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	185.169.155.186 185.169.155.186	201706 (AS-SERVIC...) (AS-SERVICEPIPE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
12	3

8 185.12.92.143 (Russian Federation) 1 redirects

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: airlin.deserv.net

bilet.sapsan.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bilet.moskva-peterburg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
moskva-peterburg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.169.155.186 (Russian Federation)

ASN201706 (AS-SERVICEPIPE, RU)

spa.ufs-online.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	moskva-peterburg.ru bilet.moskva-peterburg.ru moskva-peterburg.ru	126 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9563	2 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3603	56 KB
1	ufs-online.ru spa.ufs-online.ru
1	sapsan.su 1 redirects bilet.sapsan.su	161 B
12	5

	Domain	Requested by
5	mc.yandex.com	2 redirects bilet.moskva-peterburg.ru
4	moskva-peterburg.ru	bilet.moskva-peterburg.ru
3	bilet.moskva-peterburg.ru	bilet.moskva-peterburg.ru
2	mc.yandex.ru	1 redirects bilet.moskva-peterburg.ru
1	spa.ufs-online.ru	bilet.moskva-peterburg.ru
1	bilet.sapsan.su	1 redirects
12	6

This site contains links to these domains. Also see Links.

Domain
moskva-peterburg.ru
itunes.apple.com

Subject Issuer	Validity	Valid
bilet.moskva-peterburg.ru R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
moskva-peterburg.ru R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.ufs-online.ru Sectigo RSA Domain Validation Secure Server CA	`2022-02-11` - `2023-02-11`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://bilet.moskva-peterburg.ru/
Frame ID: AB4F427FDEC2CCBE539F3FC7073B39D3
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Билеты на САПСАН онлайн

Page URL History Show full URLs

https://bilet.sapsan.su/ HTTP 301
https://bilet.moskva-peterburg.ru/ Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

83 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

3
IPs

1
Countries

183 kB
Transfer

284 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://moskva-peterburg.ru/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/%D1%81%D0%B0%D0%BF%D1%81%D0%B0%D0%BD-%D0%B6%D0%B4-%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B-%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD/id1222809151?l=ru&ls=1&mt=8

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bilet.sapsan.su/ HTTP 301
https://bilet.moskva-peterburg.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9767.t1WCkJD61M00DAtEY1iCRC6QEATnIGVFL4A8mxzHL68Z8g4DPSXxMbaO-ciHrLeY.BVoAvfOxdoJkoA01hyMQT47AqxI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9768.MEY1E1CNW69f-50SKD1ImTN3DV59_19uPY_UGKMcx8OopqzdKBt6UR4XZWfslwBdDSxY_soMoA5cKRyiRtWXBg%2C%2C.yZ4iakWbp14EOVQfbmpaGy4HQ8Y%2C

Request Chain 10

https://mc.yandex.com/watch/36486975?wmode=7&page-url=https%3A%2F%2Fbilet.moskva-peterburg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A727853931143%3Ahid%3A362212664%3Az%3A0%3Ai%3A20220921043834%3Aet%3A1663735114%3Ac%3A1%3Arn%3A758372423%3Arqn%3A1%3Au%3A1663735114751233705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A103%2C135%2C48%2C1%2C417%2C0%2C%2C411%2C0%2C%2C%2C%2C1117%3Acpf%3A1%3Ans%3A1663735112765%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663735114%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%A1%D0%90%D0%9F%D0%A1%D0%90%D0%9D%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/36486975/1?wmode=7&page-url=https%3A%2F%2Fbilet.moskva-peterburg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A727853931143%3Ahid%3A362212664%3Az%3A0%3Ai%3A20220921043834%3Aet%3A1663735114%3Ac%3A1%3Arn%3A758372423%3Arqn%3A1%3Au%3A1663735114751233705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A103%2C135%2C48%2C1%2C417%2C0%2C%2C411%2C0%2C%2C%2C%2C1117%3Acpf%3A1%3Ans%3A1663735112765%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663735114%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%A1%D0%90%D0%9F%D0%A1%D0%90%D0%9D%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bilet.moskva-peterburg.ru/
Redirect Chain

https://bilet.sapsan.su/
https://bilet.moskva-peterburg.ru/

6 KB
7 KB

288ms
49ms

Document
text/html

185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: 8aeb4abe284605142f59474362b2b89c705dade3159e0deebc0e8af38a9734dd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-store, no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 21 Sep 2022 04:38:33 GMT
expires: Wed, 21 Sep 2022 04:38:33 GMT
server: nginx/1.18.0

Redirect headers

cache-control: max-age=0
content-length: 242
content-type: text/html; charset=iso-8859-1
date: Wed, 21 Sep 2022 04:38:33 GMT
expires: Wed, 21 Sep 2022 04:38:33 GMT
location: https://bilet.moskva-peterburg.ru/
server: nginx/1.18.0

GET
H2 200 styles.css
bilet.moskva-peterburg.ru/ 12 KB
12 KB 48ms
47ms Stylesheet
text/css 185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://bilet.moskva-peterburg.ru/styles.css?4
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: 7fb214290e1f8577982bbff93063299b1ad781fc8582edbdc677643a9d532df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:33 GMT
last-modified: Mon, 25 Jan 2021 12:49:46 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "600ebe6a-2ea2"
content-length: 11938
content-type: text/css

GET
H2 200 Sapsan-high-speed-train-4.jpg
moskva-peterburg.ru/images/ 15 KB
15 KB 257ms
94ms Image
image/jpeg 185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moskva-peterburg.ru/images/Sapsan-high-speed-train-4.jpg
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: f3a06882dc0b5697d33067caa5e592b16aadc803ed1f3b879b0c2a46fd19a8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:33 GMT
last-modified: Mon, 05 Oct 2020 11:55:25 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5f7b09ad-3bca"
content-length: 15306
content-type: image/jpeg

GET
H2 200 app-store-sapsan.png
bilet.moskva-peterburg.ru/images/ 4 KB
4 KB 47ms
47ms Image
image/png 185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bilet.moskva-peterburg.ru/images/app-store-sapsan.png
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: 9da8c4fb04c0f485c9ed2777f47545e0e8d3da882ea04cd31fa0addec6a1b65b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:33 GMT
last-modified: Mon, 05 Oct 2020 11:53:05 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5f7b0921-105e"
content-length: 4190
content-type: image/png

GET
H2 200 style.css
moskva-peterburg.ru/application/ 977 B
1 KB 195ms
47ms Stylesheet
text/css 185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://moskva-peterburg.ru/application/style.css?10
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: 698a4fd6e7880e1266df0aa67e777b6ebe5880c2b7d8e601c21e9f26a13dc4a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:33 GMT
last-modified: Mon, 05 Oct 2020 11:55:13 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5f7b09a1-3d1"
content-length: 977
content-type: text/css

GET
H2 200 jquery.js Show response
moskva-peterburg.ru/application/ 85 KB
85 KB 244ms
97ms Script
application/javascript 185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://moskva-peterburg.ru/application/jquery.js
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:33 GMT
last-modified: Mon, 05 Oct 2020 11:55:12 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5f7b09a0-1538e"
content-length: 86926
content-type: application/javascript

GET
H2 200 script.js Show response
moskva-peterburg.ru/application/ 2 KB
2 KB 290ms
143ms Script
application/javascript 185.12.92.143
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: https://moskva-peterburg.ru/application/script.js?15
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.12.92.143 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: airlin.deserv.net
Software: nginx/1.18.0 /
Resource Hash: 37f69999f009c87a8dc4d77282431f13068f154fbed1ce14125dbacddd941a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:33 GMT
last-modified: Mon, 05 Oct 2020 11:55:13 GMT
server: nginx/1.18.0
accept-ranges: bytes
etag: "5f7b09a1-8c6"
content-length: 2246
content-type: application/javascript

GET
H2 403 widget.js
spa.ufs-online.ru/kupit-zhd-bilety/ 0
0 73ms
6ms Script
text/html 185.169.155.186
AS-SERVICEPIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://spa.ufs-online.ru/kupit-zhd-bilety/widget.js
Requested by: Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.169.155.186 , Russian Federation, ASN201706 (AS-SERVICEPIPE, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 221ms
109ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fdca1d04c8f10159a8e8c70ff0086e45b0d9f0b684c333d12b67b911346a096b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:34 GMT
content-encoding: br
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
etag: "63295b76-df11"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57105
expires: Wed, 21 Sep 2022 05:38:34 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9767.t1WCkJD61M00DAtEY1iCRC6QEATnIGVFL4A8mxzHL68Z8g4DPSXxMbaO-ciHrLeY.BVoAvfOxdoJkoA01hyMQT47AqxI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9768.MEY1E1CNW69f-50SKD1ImTN3DV59_19uPY_UGKMcx8OopqzdKBt6UR4XZWfslwBdDSxY_soMoA5cKRyiRtWXBg%2C%2C.yZ4iakWbp14EOVQfbmpaGy4HQ8Y%2C

75 B
75 B

63ms
62ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9768.MEY1E1CNW69f-50SKD1ImTN3DV59_19uPY_UGKMcx8OopqzdKBt6UR4XZWfslwBdDSxY_soMoA5cKRyiRtWXBg%2C%2C.yZ4iakWbp14EOVQfbmpaGy4HQ8Y%2C

Requested by

Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:34 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9768.MEY1E1CNW69f-50SKD1ImTN3DV59_19uPY_UGKMcx8OopqzdKBt6UR4XZWfslwBdDSxY_soMoA5cKRyiRtWXBg%2C%2C.yZ4iakWbp14EOVQfbmpaGy4HQ8Y%2C
date: Wed, 21 Sep 2022 04:38:34 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: bilet.moskva-peterburg.ru
URL: https://bilet.moskva-peterburg.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:38:34 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
etag: "63295b76-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 21 Sep 2022 05:38:34 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/36486975/
Redirect Chain

https://mc.yandex.com/watch/36486975?wmode=7&page-url=https%3A%2F%2Fbilet.moskva-peterburg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A768%3Afu%3A0%3Aen%...
https://mc.yandex.com/watch/36486975/1?wmode=7&page-url=https%3A%2F%2Fbilet.moskva-peterburg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A768%3Afu%3A0%3Ae...

427 B
509 B

59ms
58ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/36486975/1?wmode=7&page-url=https%3A%2F%2Fbilet.moskva-peterburg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A727853931143%3Ahid%3A362212664%3Az%3A0%3Ai%3A20220921043834%3Aet%3A1663735114%3Ac%3A1%3Arn%3A758372423%3Arqn%3A1%3Au%3A1663735114751233705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A103%2C135%2C48%2C1%2C417%2C0%2C%2C411%2C0%2C%2C%2C%2C1117%3Acpf%3A1%3Ans%3A1663735112765%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663735114%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%A1%D0%90%D0%9F%D0%A1%D0%90%D0%9D%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

18635f14071b160b6ca1cb76c14d3f2310e80d410e8b9858301de81cc6325dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bilet.moskva-peterburg.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 04:38:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 21-Sep-2022 04:38:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bilet.moskva-peterburg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 04:38:34 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 04:38:34 GMT
last-modified: Wed, 21-Sep-2022 04:38:34 GMT
location: /watch/36486975/1?wmode=7&page-url=https%3A%2F%2Fbilet.moskva-peterburg.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aasbylctlprmpze3z6p9rs%3Afp%3A768%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A727853931143%3Ahid%3A362212664%3Az%3A0%3Ai%3A20220921043834%3Aet%3A1663735114%3Ac%3A1%3Arn%3A758372423%3Arqn%3A1%3Au%3A1663735114751233705%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A103%2C135%2C48%2C1%2C417%2C0%2C%2C411%2C0%2C%2C%2C%2C1117%3Acpf%3A1%3Ans%3A1663735112765%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663735114%3At%3A%D0%91%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%BD%D0%B0%20%D0%A1%D0%90%D0%9F%D0%A1%D0%90%D0%9D%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bilet.moskva-peterburg.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 21-Sep-2022 04:38:34 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.moskva-peterburg.ru/	1970-01-20 14:54:31	Name: _ym_uid Value: 1663735114751233705
.moskva-peterburg.ru/	1970-01-20 14:54:31	Name: _ym_d Value: 1663735114
.mc.yandex.com/	1970-01-20 06:08:55	Name: sync_cookie_csrf Value: 345856011fake
.moskva-peterburg.ru/	1970-01-20 06:10:07	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 06:08:55	Name: sync_cookie_csrf Value: 2688275016fake
.yandex.com/	1970-01-20 14:54:31	Name: yandexuid Value: 3648591941663735114
.yandex.com/	1970-01-20 14:54:31	Name: yuidss Value: 3648591941663735114
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 908651111663735114
.yandex.com/	1970-01-20 15:44:55	Name: i Value: yPXwraOfb49B8cSMyzorCfwFwDlYuSUZlJhBuO7wLDlalDYoBndWK7MA3Lvq9fRmns0+iAWhBmUWcfFzRA+jVwTOYyw=
.yandex.com/	1970-01-20 14:54:31	Name: ymex Value: 1695271114.yrts.1663735114#1695271114.yrtsi.1663735114

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://spa.ufs-online.ru/kupit-zhd-bilety/widget.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9768.MEY1E1CNW69f-50SKD1ImTN3DV59_19uPY_UGKMcx8OopqzdKBt6UR4XZWfslwBdDSxY_soMoA5cKRyiRtWXBg%2C%2C.yZ4iakWbp14EOVQfbmpaGy4HQ8Y%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bilet.moskva-peterburg.ru
bilet.sapsan.su
mc.yandex.com
mc.yandex.ru
moskva-peterburg.ru
spa.ufs-online.ru
185.12.92.143
185.169.155.186
2a02:6b8::1:119
18635f14071b160b6ca1cb76c14d3f2310e80d410e8b9858301de81cc6325dbe
37f69999f009c87a8dc4d77282431f13068f154fbed1ce14125dbacddd941a96
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
698a4fd6e7880e1266df0aa67e777b6ebe5880c2b7d8e601c21e9f26a13dc4a2
7fb214290e1f8577982bbff93063299b1ad781fc8582edbdc677643a9d532df0
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8aeb4abe284605142f59474362b2b89c705dade3159e0deebc0e8af38a9734dd
9da8c4fb04c0f485c9ed2777f47545e0e8d3da882ea04cd31fa0addec6a1b65b
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
f3a06882dc0b5697d33067caa5e592b16aadc803ed1f3b879b0c2a46fd19a8f0
fdca1d04c8f10159a8e8c70ff0086e45b0d9f0b684c333d12b67b911346a096b

bilet.moskva-peterburg.ru Open in urlscan Pro 185.12.92.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

83 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

3 IPs

1 Countries

183 kBTransfer

284 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

10 Cookies

2 Console Messages

Indicators

bilet.moskva-peterburg.ru Open in urlscan Pro
185.12.92.143 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

83 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

3
IPs

1
Countries

183 kB
Transfer

284 kB
Size

10
Cookies

12 HTTP transactions
0 data transactions