urlscan.io logo urlscan.io
SecurityTrails logo

ridesharing.biletyplus.ru Open in urlscan Pro
95.213.206.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://ridesharing.biletyplus.ru/
Submission: On October 09 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 46 HTTP transactions. The main IP is 95.213.206.234, located in Russian Federation and belongs to SELECTEL, RU. The main domain is ridesharing.biletyplus.ru.
TLS certificate: Issued by R3 on August 15th 2021. Valid for: 3 months.
This is the only time ridesharing.biletyplus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    95.213.206.234 (Russian Federation)

ASN49505 (SELECTEL, RU)
ridesharing.biletyplus.ru
cdn21.itt-us.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    95.213.206.237 (Russian Federation)

ASN49505 (SELECTEL, RU)
cdn11.itt-us.com
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
3    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
code.jivosite.com
code-eu1.jivosite.com
1    34.248.231.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-231-27.eu-west-1.compute.amazonaws.com
node-eu1-b-3.jivosite.com
Domain Requested by
12 cdn21.itt-us.com ridesharing.biletyplus.ru
cdn21.itt-us.com
8 cdn11.itt-us.com ridesharing.biletyplus.ru
7 mc.yandex.com 2 redirects ridesharing.biletyplus.ru
mc.yandex.ru
5 code-eu1.jivosite.com code.jivosite.com
ridesharing.biletyplus.ru
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 top-fwz1.mail.ru ridesharing.biletyplus.ru
top-fwz1.mail.ru
2 code.jivosite.com ridesharing.biletyplus.ru
code.jivosite.com
2 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects ridesharing.biletyplus.ru
1 node-eu1-b-3.jivosite.com code.jivosite.com
1 www.googletagmanager.com ridesharing.biletyplus.ru
1 fonts.googleapis.com ridesharing.biletyplus.ru
1 ridesharing.biletyplus.ru
46 13
Subject Issuer Validity Valid
ridesharing.biletyplus.ru
R3		 2021-08-15 -
2021-11-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.itt-us.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-15 -
2022-04-15		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2020-04-05 -
2022-06-04		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://ridesharing.biletyplus.ru/
Frame ID: 908BB9F060BAF7762B5CF087E9EC8864
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Поиск попутчиков: на машине (Бла Бла Кар) без регистрации как пассажир

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

46
Requests

100 %
HTTPS

60 %
IPv6

10
Domains

13
Subdomains

11
IPs

3
Countries

843 kB
Transfer

3089 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9421.ivdQs8dH4dbS6FuvEeyXhpl7YI3v1RxMeafKFE0yQJPZaW3LqEREIjn6msysr1uL.6RYC-SjbtBbrxazMGsX_UXa_1Wk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9421.wtIIjm3KHuKQn01NDttu6Vs_0J5zE9XfiNO4_0y7QioHgPj31wFKrnz48mg7CEU4415zxW3mNEtTLBc4TBgUJQ%2C%2C.scbVE2nMO3_rZkCDlZZnID4EuvU%2C
Request Chain 31
  • https://mc.yandex.com/watch/62751775?wmode=7&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A624%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1617081417113%3Ahid%3A523242161%3Az%3A0%3Ai%3A202101009080139%3Aet%3A1633766500%3Ac%3A1%3Arn%3A646135054%3Arqn%3A1%3Au%3A1633766500328150613%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633766499183%3Ads%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C406%2C0%2C%2C%2C%2C729%3Adsn%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C495%2C1%2C%2C%2C%2C728%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633766500%3At%3A%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20(%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80)%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80 HTTP 302
  • https://mc.yandex.com/watch/62751775/1?wmode=7&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A624%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1617081417113%3Ahid%3A523242161%3Az%3A0%3Ai%3A202101009080139%3Aet%3A1633766500%3Ac%3A1%3Arn%3A646135054%3Arqn%3A1%3Au%3A1633766500328150613%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633766499183%3Ads%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C406%2C0%2C%2C%2C%2C729%3Adsn%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C495%2C1%2C%2C%2C%2C728%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633766500%3At%3A%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20%28%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80%29%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ridesharing.biletyplus.ru/ 		195 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
90db3235b7b0255dc60379b762bc3a1a440ce67016d48ed904d483b0387f2e21

Request headers

:method
GET
:authority
ridesharing.biletyplus.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
set-cookie
bpbustrainsticky=3b3d9e510979131e6a7cfa4a0c711730; Expires=Sat, 09-Oct-2021 09:01:39 GMT; Path=/ bplocale=ru; Domain=.biletyplus.ru; Expires=Mon, 10-Oct-2022 08:01:39 GMT; Path=/ bp_bus_mobile_app=false; Domain=.biletyplus.ru; Expires=Thu, 27-Oct-2089 11:15:46 GMT; Path=/ currency=RUB; Domain=.biletyplus.ru; Expires=Thu, 27-Oct-2089 11:15:46 GMT; Path=/ JSESSIONID=AD58C7E0DD409AF4D0417F6440524BD9; Path=/; HttpOnly DeviceType=desktop;Path=/;Max-Age=300;domain=ridesharing.biletyplus.ru uid=X9XO6mFhTGMN9UAoEw6cAg==; expires=Mon, 09-Oct-23 08:01:39 GMT; path=/
cache-control
no-store
content-language
ru
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-encoding
br
css
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700&display=swap&subset=cyrillic
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e92ff6f799aff9d6e0f89365f1107d88dcb9b680613fee53529367e292648a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 08:01:39 GMT
server
ESF
date
Sat, 09 Oct 2021 08:01:39 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 09 Oct 2021 08:01:39 GMT
_template_default.css
cdn11.itt-us.com/resx/1.2.347.2/css/pack/ 		119 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/css/pack/_template_default.css
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e70771a68367e0ea031b94044d17888e590b9b318e8e1174ef1100ed45d7b878

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:09 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557eb5-1dd9d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
ridesharing_main.css
cdn21.itt-us.com/resx/1.2.347.2/css/pack/ 		78 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e9f53b2424f88a1c25856658f357f15d7d0cf23e85d5ad4afaf0791f1850e0a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:09 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557eb5-13972"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_black-red_header.svg
cdn21.itt-us.com/resx/1.2.347.2/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/logo_black-red_header.svg
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f2e5bd9894879bb1a82ae178f15b5d2730a5f763a2f3d914537c72b2ec1b7d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:23:28 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61558210-119e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
ridesharing_main.min.js
cdn11.itt-us.com/resx/1.2.347.2/js/bundle/ 		611 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/js/bundle/ridesharing_main.min.js
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4c9780614fd39aa37fc3039725e88435584a80cf1073d368395305dd8a006b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:36:43 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"6155852b-98d20"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.js
mc.yandex.ru/metrika/ 		191 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Fri, 08 Oct 2021 08:33:42 GMT
etag
"615fd836-1031a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66330
expires
Sat, 09 Oct 2021 09:01:39 GMT
code.js
top-fwz1.mail.ru/js/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 18:35:46 GMT
server
nginx
etag
W/"60f08002-64db"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 09 Oct 2021 09:01:39 GMT
gtm.js
www.googletagmanager.com/ 		155 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THQGX2
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a13d7b05da5498fea53d946a54afd298fc69ee63d33d67d26fa92aba4370bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49470
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Oct 2021 08:01:39 GMT
generator_bg.jpg
cdn21.itt-us.com/resx/1.2.347.2/img/ridesharing/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/ridesharing/generator_bg.jpg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8e288180482dba84b7369729c7f4472f2f2c2e10ba95e59ea588f796d0abf977

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
last-modified
Thu, 30 Sep 2021 09:18:45 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
"615580f5-8fdd"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
36829
expires
Thu, 31 Dec 2037 23:55:55 GMT
routes.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/routes.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e3181bfc8cab7564b11b9fb2e25c8aa1e4c690e623ecdbaf4ff6ae540e23eb2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-804"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
payment.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/ 		1 KB
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/payment.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7ace9ef6d8300575e1913d87d502f4d23fb02e5aa28f21d18b9fd2baa61e7e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-5d1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
more.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/more.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b41c2f4afc573ff91ccb3ff4cc13f0d47dee3437ea9593a68a470d255f9d689a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-d88"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
safe.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/safe.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
4bbbad316969a7a791d6a1da7986c34af28b488345fd3552e69811b5e02424e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-1dab"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
prices.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/benefits/prices.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a7a24b83965be29908495c7563f0d7a4df8add5fbeab47382b3e60e8ddf4dec8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-8f7"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
support.png
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/support.png
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7e46f90d71e113b309ac94930d72e2b625dd6b7b53ec659d95eba22f54dd645f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
last-modified
Thu, 30 Sep 2021 09:09:35 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
"61557ecf-1776"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
6006
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v26/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e167af37f1fd882edf7bcf15a703c25607ae273a016e9e892be7b2526b3717bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ridesharing.biletyplus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 17:08:17 GMT
x-content-type-options
nosniff
age
140002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24780
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:04 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Oct 2022 17:08:17 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ridesharing.biletyplus.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 17:04:31 GMT
x-content-type-options
nosniff
age
140228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 07 Oct 2022 17:04:31 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THQGX2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4482
date
Sat, 09 Oct 2021 06:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 09 Oct 2021 08:46:57 GMT
mastercard.svg
cdn11.itt-us.com/resx/1.2.347.2/img/minibus/ 		1 KB
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/img/minibus/mastercard.svg
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
5ddcd290db3e2e0990e8d541339ce51c6b9964d9700571d00a9d65493e7b5651

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:35 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecf-595"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa.svg
cdn11.itt-us.com/resx/1.2.347.2/img/minibus/ 		1 KB
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/img/minibus/visa.svg
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
90422b24edcd62791436c35e07218a64dadab74981a21dda648b6b1cdef2e2a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:35 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecf-4d1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
mir.svg
cdn11.itt-us.com/resx/1.2.347.2/img/minibus/ 		2 KB
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/img/minibus/mir.svg
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bd15a65e6c216b12d8b1afdeaea6b87afa7712d7817e3aa7738a5ae3ee470e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-722"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
pci_dss.png
cdn11.itt-us.com/resx/1.2.347.2/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/img/pci_dss.png
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cdcfe3e2f0c6d771443fefcbadd5df3408a1e6ce76cf51f1800f9f09ee31df47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
last-modified
Thu, 30 Sep 2021 09:11:40 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
"61557f4c-79b"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1947
expires
Thu, 31 Dec 2037 23:55:55 GMT
verified_by_visa.png
cdn11.itt-us.com/resx/1.2.347.2/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/img/verified_by_visa.png
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ea97124a187779f4cdb322e1e026020fb8f46606e1faf3e2dac6d2dd9bc5694c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
last-modified
Thu, 30 Sep 2021 09:21:41 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
"615581a5-a0e"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2574
expires
Thu, 31 Dec 2037 23:55:55 GMT
mastercard_securecode.png
cdn11.itt-us.com/resx/1.2.347.2/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn11.itt-us.com/resx/1.2.347.2/img/mastercard_securecode.png
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.213.206.237 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
8ba68c8b01cc703793e3011b9326df387488b3f684b624bdaef371768887c6b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
last-modified
Thu, 30 Sep 2021 09:10:44 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
"61557f14-afc"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2812
expires
Thu, 31 Dec 2037 23:55:55 GMT
switch-arrow.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/ 		1 KB
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/switch-arrow.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
5f627340ea59dbc091b187fdb5640e44cd77ea936a42a372721f3c350df1ebad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-543"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
nav_sprite.png
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/nav_sprite.png
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
a4ee6a8555766dc4a30edd7c42f404bf43d238b819b6d395edb3e4f1e04cc8d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
"61557ecc-f72"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3954
expires
Thu, 31 Dec 2037 23:55:55 GMT
trust_icon.svg
cdn21.itt-us.com/resx/1.2.347.2/img/minibus/ 		1 KB
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn21.itt-us.com/resx/1.2.347.2/img/minibus/trust_icon.svg
Requested by
Host: cdn21.itt-us.com
URL: https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
61b9ba470ff21d9baffe5239ee73abeda34f6046084ae6c0cf651b79763b99b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn21.itt-us.com/resx/1.2.347.2/css/pack/ridesharing_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
content-encoding
br
last-modified
Thu, 30 Sep 2021 09:09:32 GMT
server
Microsoft-IIS/7.5
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
etag
W/"61557ecc-4c5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
counter
top-fwz1.mail.ru/ 		43 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2484435;u=https%3A//ridesharing.biletyplus.ru/;st=1633766499912;title=%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20(%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80)%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=ab6c2b9f6e240fed;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.3//4g/0/0/;lvid=1633766499948%3A1633766499956%3A1%3A680aa68f704d7be0ab842c3f1886f625;opts=dl;visible=true;_=0.033415484462456124
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Oct 2021 08:01:39 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://ridesharing.biletyplus.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://ridesharing.biletyplus.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://ridesharing.biletyplus.ru
access-control-allow-headers
*
collect
www.google-analytics.com/j/ 		1 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2128898434&t=pageview&_s=1&dl=https%3A%2F%2Fridesharing.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20(%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80)%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=738837662&gjid=1854849400&cid=682800406.1633766500&tid=UA-33546069-1&_gid=401752683.1633766500&_r=1&gtm=2wga60THQGX2&z=636624711
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 08:01:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ridesharing.biletyplus.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9421.ivdQs8dH4dbS6FuvEeyXhpl7YI3v1RxMeafKFE0yQJPZaW3LqEREIjn6msysr1uL.6RYC-SjbtBbrxazMGsX_UXa_1Wk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9421.wtIIjm3KHuKQn01NDttu6Vs_0J5zE9XfiNO4_0y7QioHgPj31wFKrnz48mg7CEU4415zxW3mNEtTLBc4TBgUJQ%2C%2C.scbVE2nMO3_rZkCDlZZnID4EuvU%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9421.wtIIjm3KHuKQn01NDttu6Vs_0J5zE9XfiNO4_0y7QioHgPj31wFKrnz48mg7CEU4415zxW3mNEtTLBc4TBgUJQ%2C%2C.scbVE2nMO3_rZkCDlZZnID4EuvU%2C
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:40 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9421.wtIIjm3KHuKQn01NDttu6Vs_0J5zE9XfiNO4_0y7QioHgPj31wFKrnz48mg7CEU4415zxW3mNEtTLBc4TBgUJQ%2C%2C.scbVE2nMO3_rZkCDlZZnID4EuvU%2C
date
Sat, 09 Oct 2021 08:01:40 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 08:01:40 GMT
last-modified
Fri, 08 Oct 2021 08:33:42 GMT
etag
"615fd836-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 09 Oct 2021 09:01:40 GMT
1
mc.yandex.com/watch/62751775/
Redirect Chain
  • https://mc.yandex.com/watch/62751775?wmode=7&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A624%3Afu%3A0%3Aen%3Au...
  • https://mc.yandex.com/watch/62751775/1?wmode=7&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A624%3Afu%3A0%3Aen%3...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/62751775/1?wmode=7&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A624%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1617081417113%3Ahid%3A523242161%3Az%3A0%3Ai%3A202101009080139%3Aet%3A1633766500%3Ac%3A1%3Arn%3A646135054%3Arqn%3A1%3Au%3A1633766500328150613%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633766499183%3Ads%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C406%2C0%2C%2C%2C%2C729%3Adsn%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C495%2C1%2C%2C%2C%2C728%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633766500%3At%3A%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20%28%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80%29%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5a1cd4c60e656736c867db2286e11bbec78068c44ba51bbfb8ce69b39068a14c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 08:01:40 GMT
x-content-type-options
nosniff
last-modified
Sat, 09-Oct-2021 08:01:40 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ridesharing.biletyplus.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sat, 09-Oct-2021 08:01:40 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 08:01:40 GMT
last-modified
Sat, 09-Oct-2021 08:01:40 GMT
location
/watch/62751775/1?wmode=7&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A624%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1617081417113%3Ahid%3A523242161%3Az%3A0%3Ai%3A202101009080139%3Aet%3A1633766500%3Ac%3A1%3Arn%3A646135054%3Arqn%3A1%3Au%3A1633766500328150613%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633766499183%3Ads%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C406%2C0%2C%2C%2C%2C729%3Adsn%3A1%2C102%2C87%2C42%2C0%2C0%2C%2C495%2C1%2C%2C%2C%2C728%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1633766500%3At%3A%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20%28%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80%29%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80
strict-transport-security
max-age=31536000
access-control-allow-origin
https://ridesharing.biletyplus.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 09-Oct-2021 08:01:40 GMT
rkvIzQoEhZ
code.jivosite.com/script/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/rkvIzQoEhZ
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ae4b866d6e1d575d36b96937431ec245f935a8497df35a67235ac75e52695f06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc30
date
Sat, 09 Oct 2021 08:01:40 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2021-10-09T06:05:38+00:00
x-geo-shard
eu1
content-length
6144
last-modified
Mon, 13 Sep 2021 11:47:56 GMT
server
nginx
etag
"613f3a6c-1800"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
expires
Mon, 27 Sep 2021 18:28:50 GMT
tracker
top-fwz1.mail.ru/ 		43 B
942 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2484435;u=https%3A//ridesharing.biletyplus.ru/;st=1633766499912;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=ab6c2b9f6e240fed;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1633766499183/////0/1/2/2/104/8/104/191/233/323/729/729/729/971/971/;ni=9.3//4g/0/0/;lvid=1633766499948%3A1633766500155%3A2%3A680aa68f704d7be0ab842c3f1886f625;opts=dl;visible=true;_=0.24867545819151293;e=RT/load;et=1633766500154
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 09 Oct 2021 08:01:40 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://ridesharing.biletyplus.ru
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://ridesharing.biletyplus.ru
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://ridesharing.biletyplus.ru
access-control-allow-headers
*
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2128898434&t=event&ni=1&_s=1&dl=https%3A%2F%2Fridesharing.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20(%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80)%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10%25&el=https%3A%2F%2Fridesharing.biletyplus.ru%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=682800406.1633766500&tid=UA-33546069-1&_gid=401752683.1633766500&gtm=2wga60THQGX2&z=128691504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 21:12:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38926
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2128898434&t=event&ni=1&_s=1&dl=https%3A%2F%2Fridesharing.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%B8%D1%81%D0%BA%20%D0%BF%D0%BE%D0%BF%D1%83%D1%82%D1%87%D0%B8%D0%BA%D0%BE%D0%B2%3A%20%D0%BD%D0%B0%20%D0%BC%D0%B0%D1%88%D0%B8%D0%BD%D0%B5%20(%D0%91%D0%BB%D0%B0%20%D0%91%D0%BB%D0%B0%20%D0%9A%D0%B0%D1%80)%20%D0%B1%D0%B5%D0%B7%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8%20%D0%BA%D0%B0%D0%BA%20%D0%BF%D0%B0%D1%81%D1%81%D0%B0%D0%B6%D0%B8%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25%25&el=https%3A%2F%2Fridesharing.biletyplus.ru%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=682800406.1633766500&tid=UA-33546069-1&_gid=401752683.1633766500&gtm=2wga60THQGX2&z=1735837024
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Oct 2021 21:12:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38926
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rkvIzQoEhZ
code.jivosite.com/script/widget/config/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/rkvIzQoEhZ
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/rkvIzQoEhZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d936f28001a86b7aa42c0c6b02921b62e6c52c402aec78ecafea9d55f6c26209

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Sat, 09 Oct 2021 08:01:40 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cached-since
2021-10-09T06:05:39+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
eu1
content-length
1143
via
1.1 sharxy
expires
Sat, 09 Oct 2021 08:05:39 GMT
rkvIzQoEhZ
node-eu1-b-3.jivosite.com/widget/status/191617/ 		79 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-eu1-b-3.jivosite.com/widget/status/191617/rkvIzQoEhZ?rnd=0.17449841934005006
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/rkvIzQoEhZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.248.231.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-231-27.eu-west-1.compute.amazonaws.com
Software
foxy /
Resource Hash
bacea3eb75f8728fbdf5a6a5bacda38f4006ae87a8514e89092e143d880fbbe1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 08:01:40 GMT
server
foxy
x-botmode
no
x-geoip
DE;HE;Frankfurt am Main
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ridesharing.biletyplus.ru
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
79
bundle_ru_RU.js
code-eu1.jivosite.com/js/ 		1 MB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code-eu1.jivosite.com/js/bundle_ru_RU.js?rand=1631705454
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/rkvIzQoEhZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
93811672b5168ff33dcc52f40f04b85befc774244c1749d50b17edd680d180d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Sat, 09 Oct 2021 08:01:40 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2021-10-08T09:26:53+00:00
x-geo-shard
eu1
content-length
270422
last-modified
Mon, 13 Sep 2021 11:49:58 GMT
server
nginx
etag
"613f3ae6-42056"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code-eu1.jivosite.com/css/6aa407b3/ 		224 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code-eu1.jivosite.com/css/6aa407b3/widget.css
Requested by
Host: ridesharing.biletyplus.ru
URL: https://ridesharing.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
aa31c201d25853281e4eb96fb4fb785515446a23eb220f5f298aec4f56bf255b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ridesharing.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Sat, 09 Oct 2021 08:01:40 GMT
content-encoding
br
x-cached-since
2021-10-02T02:30:51+00:00
x-geo-shard
eu1
content-length
48603
last-modified
Mon, 13 Sep 2021 11:49:25 GMT
server
nginx
etag
"613f3ac5-bddb"
vary
Accept-Encoding
content-type
text/css
via
1.1 sharxy
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Tue, 12 Oct 2021 02:30:51 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		447 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
071d74e3fd73b177dc1922d37f06b6a484561e56ea41f2432970a965ad0df34d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code-eu1.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code-eu1.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Sat, 09 Oct 2021 08:01:40 GMT
via
1.1 sharxy
x-cached-since
2021-09-17T19:35:40+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
eu1
Content-Length
3760
last-modified
Mon, 13 Sep 2021 11:47:11 GMT
server
nginx
etag
"613f3a3f-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 17 Oct 2021 19:35:40 GMT
notification.mp3
code-eu1.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code-eu1.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Sat, 09 Oct 2021 08:01:40 GMT
via
1.1 sharxy
x-cached-since
2021-09-17T19:35:26+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
eu1
Content-Length
5808
last-modified
Mon, 13 Sep 2021 11:47:11 GMT
server
nginx
etag
"613f3a3f-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 17 Oct 2021 19:35:26 GMT
outgoing_message.mp3
code-eu1.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code-eu1.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Sat, 09 Oct 2021 08:01:40 GMT
via
1.1 sharxy
x-cached-since
2021-09-17T19:35:26+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
eu1
Content-Length
5014
last-modified
Mon, 13 Sep 2021 11:47:11 GMT
server
nginx
etag
"613f3a3f-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Sun, 17 Oct 2021 19:35:26 GMT
62751775
mc.yandex.com/webvisor/ 		43 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/62751775?wmode=0&wv-part=1&wv-hit=523242161&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&rn=852154011&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1633766503%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101009080142%3Au%3A1633766500328150613%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633766503
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 08:01:42 GMT
last-modified
Sat, 09-Oct-2021 08:01:42 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ridesharing.biletyplus.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Oct-2021 08:01:42 GMT
62751775
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/62751775?wmode=0&wv-part=1&wv-hit=523242161&page-url=https%3A%2F%2Fridesharing.biletyplus.ru%2F&rn=967449646&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1633766504%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101009080143%3Au%3A1633766500328150613%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1633766504
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ridesharing.biletyplus.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 08:01:44 GMT
last-modified
Sat, 09-Oct-2021 08:01:44 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://ridesharing.biletyplus.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 09-Oct-2021 08:01:44 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| _eventYa number| yandexCounterNumber function| ym object| _tmr object| dataLayer function| _eventFull function| _event function| _eventSimple object| lpParams object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ridesharing_main function| _ object| jQBrowser object| ajaxUtils object| utils object| screenUtils object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter62751775 function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api

27 Cookies

Domain/Path Name / Value
ridesharing.biletyplus.ru/ Name: bpbustrainsticky
Value: 3b3d9e510979131e6a7cfa4a0c711730
.biletyplus.ru/ Name: bplocale
Value: ru
.biletyplus.ru/ Name: bp_bus_mobile_app
Value: false
.biletyplus.ru/ Name: currency
Value: RUB
ridesharing.biletyplus.ru/ Name: JSESSIONID
Value: AD58C7E0DD409AF4D0417F6440524BD9
.ridesharing.biletyplus.ru/ Name: DeviceType
Value: desktop
ridesharing.biletyplus.ru/ Name: uid
Value: X9XO6mFhTGMN9UAoEw6cAg==
.biletyplus.ru/ Name: bpdscrsize
Value: 1600-1200
.biletyplus.ru/ Name: tmr_lvid
Value: 680aa68f704d7be0ab842c3f1886f625
.biletyplus.ru/ Name: tmr_lvidTS
Value: 1633766499948
.biletyplus.ru/ Name: _ga
Value: GA1.2.682800406.1633766500
.biletyplus.ru/ Name: _gid
Value: GA1.2.401752683.1633766500
.biletyplus.ru/ Name: _gat_UA-33546069-1
Value: 1
.biletyplus.ru/ Name: _ym_uid
Value: 1633766500328150613
.biletyplus.ru/ Name: _ym_d
Value: 1633766500
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4150268724fake
.biletyplus.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3972685164fake
.biletyplus.ru/ Name: tmr_reqNum
Value: 2
.yandex.com/ Name: yandexuid
Value: 7213697091633766500
.yandex.com/ Name: yuidss
Value: 7213697091633766500
mc.yandex.com/ Name: yabs-sid
Value: 2000324341633766500
.yandex.com/ Name: i
Value: awJRexV7Uxzkpuw45iI78+N4cYkplnJk7B27mI2Vea7GAx4T920oKUUd3biiR3Rp/De78W24jsKXz+9iSSqbE6hihEU=
.yandex.com/ Name: ymex
Value: 1665302500.yrts.1633766500#1665302500.yrtsi.1633766500
.mail.ru/ Name: VID
Value: 27UeSd162nI500000W10H425:::0-0-0-67ba523:CAASEORFQ3XoKtSivKrokTUPxQIaYFyWUYKH3I98QL2RyxdzBUjx20-jm9MV-b3ntWzJVmWC3f-cg87AyZPCQcpq_LI_p9sMBWz45a-7m2GQPT9AKKJcjD22zcYsS3acy2qYvnC2XIQKn1B_2UGmAZZsdwXn9Q
.biletyplus.ru/ Name: _ym_visorc
Value: w
ridesharing.biletyplus.ru/ Name: tmr_detect
Value: 0%7C1633766502231

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9421.wtIIjm3KHuKQn01NDttu6Vs_0J5zE9XfiNO4_0y7QioHgPj31wFKrnz48mg7CEU4415zxW3mNEtTLBc4TBgUJQ%2C%2C.scbVE2nMO3_rZkCDlZZnID4EuvU%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn11.itt-us.com
cdn21.itt-us.com
code-eu1.jivosite.com
code.jivosite.com
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
node-eu1-b-3.jivosite.com
ridesharing.biletyplus.ru
top-fwz1.mail.ru
www.google-analytics.com
www.googletagmanager.com
217.69.133.145
2a00:1450:4001:800::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82f::2008
2a02:6b8::1:119
2a03:90c0:41:2801::254
34.248.231.27
95.213.206.234
95.213.206.237
071d74e3fd73b177dc1922d37f06b6a484561e56ea41f2432970a965ad0df34d
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
4bbbad316969a7a791d6a1da7986c34af28b488345fd3552e69811b5e02424e7
4c9780614fd39aa37fc3039725e88435584a80cf1073d368395305dd8a006b66
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a1cd4c60e656736c867db2286e11bbec78068c44ba51bbfb8ce69b39068a14c
5ddcd290db3e2e0990e8d541339ce51c6b9964d9700571d00a9d65493e7b5651
5f627340ea59dbc091b187fdb5640e44cd77ea936a42a372721f3c350df1ebad
61b9ba470ff21d9baffe5239ee73abeda34f6046084ae6c0cf651b79763b99b3
6a13d7b05da5498fea53d946a54afd298fc69ee63d33d67d26fa92aba4370bc8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ace9ef6d8300575e1913d87d502f4d23fb02e5aa28f21d18b9fd2baa61e7e11
7e46f90d71e113b309ac94930d72e2b625dd6b7b53ec659d95eba22f54dd645f
7e92ff6f799aff9d6e0f89365f1107d88dcb9b680613fee53529367e292648a5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8ba68c8b01cc703793e3011b9326df387488b3f684b624bdaef371768887c6b4
8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c
8e288180482dba84b7369729c7f4472f2f2c2e10ba95e59ea588f796d0abf977
90422b24edcd62791436c35e07218a64dadab74981a21dda648b6b1cdef2e2a7
90db3235b7b0255dc60379b762bc3a1a440ce67016d48ed904d483b0387f2e21
93811672b5168ff33dcc52f40f04b85befc774244c1749d50b17edd680d180d8
a4ee6a8555766dc4a30edd7c42f404bf43d238b819b6d395edb3e4f1e04cc8d9
a7a24b83965be29908495c7563f0d7a4df8add5fbeab47382b3e60e8ddf4dec8
aa31c201d25853281e4eb96fb4fb785515446a23eb220f5f298aec4f56bf255b
ae4b866d6e1d575d36b96937431ec245f935a8497df35a67235ac75e52695f06
b41c2f4afc573ff91ccb3ff4cc13f0d47dee3437ea9593a68a470d255f9d689a
bacea3eb75f8728fbdf5a6a5bacda38f4006ae87a8514e89092e143d880fbbe1
bd15a65e6c216b12d8b1afdeaea6b87afa7712d7817e3aa7738a5ae3ee470e3d
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
cdcfe3e2f0c6d771443fefcbadd5df3408a1e6ce76cf51f1800f9f09ee31df47
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d936f28001a86b7aa42c0c6b02921b62e6c52c402aec78ecafea9d55f6c26209
e167af37f1fd882edf7bcf15a703c25607ae273a016e9e892be7b2526b3717bd
e3181bfc8cab7564b11b9fb2e25c8aa1e4c690e623ecdbaf4ff6ae540e23eb2e
e70771a68367e0ea031b94044d17888e590b9b318e8e1174ef1100ed45d7b878
e9f53b2424f88a1c25856658f357f15d7d0cf23e85d5ad4afaf0791f1850e0a6
ea97124a187779f4cdb322e1e026020fb8f46606e1faf3e2dac6d2dd9bc5694c
f2e5bd9894879bb1a82ae178f15b5d2730a5f763a2f3d914537c72b2ec1b7d83
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43