urlscan.io logo urlscan.io
SecurityTrails logo

minibus.biletyplus.ru Open in urlscan Pro
95.213.206.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://minibus.biletyplus.ru/
Submission: On January 05 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 95.213.206.234, located in Moscow, Russian Federation and belongs to SELECTEL, RU. The main domain is minibus.biletyplus.ru.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 27th 2022. Valid for: a year.
This is the only time minibus.biletyplus.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    95.213.206.234 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
minibus.biletyplus.ru
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
23    2a03:90c0:41:2801::24 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
selectelcdn.itt-us.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
3    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
23 itt-us.com
selectelcdn.itt-us.com
341 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7498
3 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
20 KB
4 gstatic.com
fonts.gstatic.com
138 KB
3 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 5047
16 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 1851
73 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
54 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
1 KB
1 biletyplus.ru
minibus.biletyplus.ru
20 KB
43 9
Domain Requested by
23 selectelcdn.itt-us.com minibus.biletyplus.ru
selectelcdn.itt-us.com
7 mc.yandex.com 3 redirects minibus.biletyplus.ru
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
minibus.biletyplus.ru
4 fonts.gstatic.com minibus.biletyplus.ru
fonts.googleapis.com
3 top-fwz1.mail.ru minibus.biletyplus.ru
3 mc.yandex.ru 2 redirects minibus.biletyplus.ru
1 www.googletagmanager.com minibus.biletyplus.ru
1 fonts.googleapis.com minibus.biletyplus.ru
1 minibus.biletyplus.ru
43 9
Subject Issuer Validity Valid
*.biletyplus.ru
GlobalSign RSA OV SSL CA 2018		 2022-07-27 -
2023-08-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
f78c24df-93f1-4fe8-8c53-695fff425399.selcdn.net
R3		 2022-11-27 -
2023-02-25		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://minibus.biletyplus.ru/
Frame ID: 4E996D31BDF4AC54CA51FCD0FF1116B2
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Маршрутки — билеты, расписание маршрутных такси онлайн

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

43
Requests

93 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

664 kB
Transfer

1758 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9874.eBgtv5O3uXn2wIv5egiU9CLuSigxCFy_0gdm6stdrcBz0YuNKh6j5jJcghKbbauv.DU5xf_1gOthdhgXSu3YBmS6Evuo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9874.keU_jIvJGSrhcRWOO6UJxcOEV6Y2fRKVEQDvxF-Ur90PX17HxA0y0FfO1OpHn6PmO-Sl39_06d1g1kCsZBcH2-FE03FUl4zT9fwQrH3U-cQ%2C.76NGuBzeOhVp4lhpTC03-eZtEMk%2C
Request Chain 37
  • https://mc.yandex.com/watch/57527989?wmode=7&page-url=https%3A%2F%2Fminibus.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A256994061668%3Ahid%3A506647060%3Az%3A0%3Ai%3A20230105141259%3Aet%3A1672927980%3Ac%3A1%3Arn%3A961231069%3Arqn%3A1%3Au%3A1672927980292545260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A116%2C144%2C63%2C68%2C0%2C0%2C%2C360%2C0%2C%2C%2C%2C752%3Aco%3A0%3Acpf%3A1%3Ans%3A1672927978847%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672927980%3At%3A%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/57527989/1?wmode=7&page-url=https%3A%2F%2Fminibus.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A256994061668%3Ahid%3A506647060%3Az%3A0%3Ai%3A20230105141259%3Aet%3A1672927980%3Ac%3A1%3Arn%3A961231069%3Arqn%3A1%3Au%3A1672927980292545260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A116%2C144%2C63%2C68%2C0%2C0%2C%2C360%2C0%2C%2C%2C%2C752%3Aco%3A0%3Acpf%3A1%3Ans%3A1672927978847%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672927980%3At%3A%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 41
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9874.iWxquAu47TgH41MvnblKbZ028-FjeEavgy6nHK3SISwXZpOf0c11mi2QMhxBb3pS.qo-vESqN9jFbWVwYnZk82p7Vy8A%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9874.9R071pWRRQvBaAMs3BbTzW2of42i3bJllk122Rl3QZNsnC88KSCED-h0YNLVA0furMC_R7mednpXljrTIwWynm_vl4LTDV_bC0taYezpk1A%2C.67nw9wnF4Uq16zah95LhAs8g0Y0%2C

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
minibus.biletyplus.ru/ 		193 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.206.234 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
28709da2cd2a6bf133b2291066d78064b2ac0bc08dad4ea9347bb361ee15b8ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-encoding
br
content-language
ru
content-type
text/html;charset=UTF-8
date
Thu, 05 Jan 2023 14:12:59 GMT
server
Microsoft-IIS/7.5
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://minibus.biletyplus.ru/
Origin
https://minibus.biletyplus.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 21:36:51 GMT
x-content-type-options
nosniff
age
491768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 21:36:51 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://minibus.biletyplus.ru/
Origin
https://minibus.biletyplus.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 00:20:10 GMT
x-content-type-options
nosniff
age
136369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 04 Jan 2024 00:20:10 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700&display=swap&subset=cyrillic
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66ce50d95c2f996ab9393a358f19b411b5dd482b3924b9cfadc719db9209c2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Jan 2023 14:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 14:12:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 05 Jan 2023 14:12:59 GMT
_template_default.css
selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/ 		124 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/_template_default.css
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
97c6b003f73b472e277bb64908250755739dab3ea60156e02e2b0c8cee3d3251
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:03 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6faf-1ee32"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T19:20:00+00:00
content-type
text/css
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 19:08:28 GMT
minibus_main.css
selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/ 		107 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
68e46d034e5b37a06484cc2ef0911ec26ffbf841496718135883343b91dd190e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:03 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6faf-1ab06"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-05T06:34:04+00:00
content-type
text/css
cache-control
max-age=2592000
cache
HIT
expires
Sun, 22 Jan 2023 16:42:48 GMT
logo_black_red.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/logo_black_red.svg
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
c75476a04ac885948f4799f63e0e456c82f114fc72909aeb19d250d720b51bef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-1469"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T19:19:18+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 19:08:29 GMT
logo_white_red.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/logo_white_red.svg
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
2ec15611e0e7f7b137085a91662ed525bb831242bd82feb3e3ccda0ca3392fbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-145e"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T19:16:45+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 19:08:29 GMT
play_market_icon.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/ 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/play_market_icon.svg
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
f466d5ddaa2b210f2694818f9ee0da7a4414d861e35969426f23224811b6998b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:11 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb7-414c"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T19:17:34+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 19:08:29 GMT
_cookies_bar.css
selectelcdn.itt-us.com/resx/1.2.359.2/css/base/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/base/_cookies_bar.css
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
5c34f29a07d27258bb86b2f8dc7237fb0185035128a7e0596f623640eb9ee4fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 12:33:32 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"6399c29c-917"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T19:54:42+00:00
content-type
text/css
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 15:25:01 GMT
minibus_main.min.js
selectelcdn.itt-us.com/resx/1.2.359.2/js/bundle/ 		619 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/js/bundle/minibus_main.min.js
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
1e572c1b0f91c7a9b2bdc52586b959503acef52a25d10b5d8861b53109746cb7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 12:22:40 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"6399c010-9ab4d"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-05T06:34:04+00:00
content-type
application/javascript
cache-control
max-age=2592000
cache
HIT
expires
Sun, 22 Jan 2023 16:42:48 GMT
tag.js
mc.yandex.ru/metrika/ 		211 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-12019"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73753
expires
Thu, 05 Jan 2023 15:12:59 GMT
code.js
top-fwz1.mail.ru/js/ 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
d851fd360e7b4fc592c9b8b7b0169483f11efe98af94fdbc11c5a0b1d6e5db50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 23 Nov 2022 16:42:10 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"637e4d62-85c6"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Thu, 05 Jan 2023 15:12:59 GMT
gtm.js
www.googletagmanager.com/ 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-THQGX2
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a619fcb7f7e09689e46416a314f4d0402ca4c1b5980ce8f14282bc9f77361a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54398
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Jan 2023 14:12:59 GMT
generator_bg.jpg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/generator_bg.jpg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
1744dec5496f71d9fcf2880eb81ed131f9f77da79ef7f0834c03263db4f00b72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
"638f6fb3-a40a"
x-powered-by
ASP.NET
x-cached-since
2023-01-05T06:34:05+00:00
content-type
image/jpeg
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
41994
expires
Tue, 31 Jan 2023 22:25:53 GMT
routes.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/routes.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e3181bfc8cab7564b11b9fb2e25c8aa1e4c690e623ecdbaf4ff6ae540e23eb2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-804"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-05T06:34:05+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Sun, 22 Jan 2023 20:25:34 GMT
payment.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/ 		1 KB
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/payment.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
7ace9ef6d8300575e1913d87d502f4d23fb02e5aa28f21d18b9fd2baa61e7e11
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-5d1"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-05T06:34:04+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Sun, 22 Jan 2023 20:25:34 GMT
prices.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/prices.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
a7a24b83965be29908495c7563f0d7a4df8add5fbeab47382b3e60e8ddf4dec8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-8f7"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-05T06:34:05+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Sun, 22 Jan 2023 20:25:34 GMT
refund.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/ 		877 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/benefits/refund.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
78c6a4275850ecc343eda82a76ec1597371a48b71b7032f505063c5341d8931d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-36d"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T18:06:05+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Sun, 22 Jan 2023 20:25:34 GMT
support.png
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/support.png
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
7e46f90d71e113b309ac94930d72e2b625dd6b7b53ec659d95eba22f54dd645f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
"638f6fb3-1776"
x-powered-by
ASP.NET
x-cached-since
2023-01-05T12:54:42+00:00
content-type
image/png
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
6006
expires
Fri, 13 Jan 2023 18:26:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minibus.biletyplus.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 19:02:01 GMT
x-content-type-options
nosniff
age
241858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 19:02:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://minibus.biletyplus.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 16:15:31 GMT
x-content-type-options
nosniff
age
424648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Dec 2023 16:15:31 GMT
mastercard.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		1 KB
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/mastercard.svg
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
5ddcd290db3e2e0990e8d541339ce51c6b9964d9700571d00a9d65493e7b5651
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-595"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T15:00:23+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 13:05:12 GMT
visa.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		1 KB
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/visa.svg
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
90422b24edcd62791436c35e07218a64dadab74981a21dda648b6b1cdef2e2a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-4d1"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T15:00:23+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 13:05:13 GMT
mir.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		2 KB
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/mir.svg
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
bd15a65e6c216b12d8b1afdeaea6b87afa7712d7817e3aa7738a5ae3ee470e3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-722"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T15:00:23+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 13:05:13 GMT
pci_dss.png
selectelcdn.itt-us.com/resx/1.2.359.2/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/pci_dss.png
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
cdcfe3e2f0c6d771443fefcbadd5df3408a1e6ce76cf51f1800f9f09ee31df47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 06 Dec 2022 16:37:11 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
"638f6fb7-79b"
x-powered-by
ASP.NET
x-cached-since
2023-01-04T14:41:53+00:00
content-type
image/png
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
1947
expires
Fri, 13 Jan 2023 13:01:59 GMT
verified_by_visa.png
selectelcdn.itt-us.com/resx/1.2.359.2/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/verified_by_visa.png
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
ea97124a187779f4cdb322e1e026020fb8f46606e1faf3e2dac6d2dd9bc5694c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 06 Dec 2022 16:37:11 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
"638f6fb7-a0e"
x-powered-by
ASP.NET
x-cached-since
2023-01-04T14:41:53+00:00
content-type
image/png
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
2574
expires
Fri, 13 Jan 2023 13:01:59 GMT
mastercard_securecode.png
selectelcdn.itt-us.com/resx/1.2.359.2/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/mastercard_securecode.png
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
8ba68c8b01cc703793e3011b9326df387488b3f684b624bdaef371768887c6b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 06 Dec 2022 16:37:11 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
"638f6fb7-afc"
x-powered-by
ASP.NET
x-cached-since
2023-01-04T14:44:02+00:00
content-type
image/png
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
2812
expires
Fri, 13 Jan 2023 13:01:54 GMT
switch-arrow.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		1 KB
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/switch-arrow.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
5f627340ea59dbc091b187fdb5640e44cd77ea936a42a372721f3c350df1ebad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-543"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T15:10:23+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 13:02:44 GMT
nav_sprite.png
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/nav_sprite.png
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
a4ee6a8555766dc4a30edd7c42f404bf43d238b819b6d395edb3e4f1e04cc8d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
"638f6fb3-f72"
x-powered-by
ASP.NET
x-cached-since
2023-01-04T14:44:10+00:00
content-type
image/png
cache-control
max-age=2592000
cache
HIT
accept-ranges
bytes
content-length
3954
expires
Fri, 13 Jan 2023 13:05:13 GMT
red-arrow.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/train/main/ 		512 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/train/main/red-arrow.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
377f0d49a903abfeaeae3aea9b9a72b85267be1f1414a95774a55e0eb2fee8f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:06 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb2-200"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T17:17:08+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 13:09:59 GMT
trust_icon.svg
selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/ 		1 KB
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://selectelcdn.itt-us.com/resx/1.2.359.2/img/minibus/trust_icon.svg
Requested by
Host: selectelcdn.itt-us.com
URL: https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
61b9ba470ff21d9baffe5239ee73abeda34f6046084ae6c0cf651b79763b99b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://selectelcdn.itt-us.com/resx/1.2.359.2/css/pack/minibus_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
last-modified
Tue, 06 Dec 2022 16:37:07 GMT
server
nginx
x-aspnet-version
4.0.30319
etag
W/"638f6fb3-4c5"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cached-since
2023-01-04T15:00:23+00:00
content-type
image/svg+xml
cache-control
max-age=2592000
cache
HIT
expires
Fri, 13 Jan 2023 13:05:13 GMT
counter
top-fwz1.mail.ru/ 		43 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2484435;u=https%3A//minibus.biletyplus.ru/;st=1672927979599;title=%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4fba0a7fc641bfb5;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1672927979724%3A1672927979738%3A1%3Af306988302931bee0cb2f6863b78c02b;opts=dl;visible=true;_=0.23626028705798485
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9874.eBgtv5O3uXn2wIv5egiU9CLuSigxCFy_0gdm6stdrcBz0YuNKh6j5jJcghKbbauv.DU5xf_1gOthdhgXSu3YBmS6Evuo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9874.keU_jIvJGSrhcRWOO6UJxcOEV6Y2fRKVEQDvxF-Ur90PX17HxA0y0FfO1OpHn6PmO-Sl39_06d1g1kCsZBcH2-FE03FUl4zT9fwQrH3U-cQ%2C.76NGuBzeOhVp4lhpTC03-eZtEMk%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9874.keU_jIvJGSrhcRWOO6UJxcOEV6Y2fRKVEQDvxF-Ur90PX17HxA0y0FfO1OpHn6PmO-Sl39_06d1g1kCsZBcH2-FE03FUl4zT9fwQrH3U-cQ%2C.76NGuBzeOhVp4lhpTC03-eZtEMk%2C
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9874.keU_jIvJGSrhcRWOO6UJxcOEV6Y2fRKVEQDvxF-Ur90PX17HxA0y0FfO1OpHn6PmO-Sl39_06d1g1kCsZBcH2-FE03FUl4zT9fwQrH3U-cQ%2C.76NGuBzeOhVp4lhpTC03-eZtEMk%2C
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30 Dec 2022 07:53:53 GMT
etag
"63ae6ee1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 05 Jan 2023 15:12:59 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-THQGX2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Jan 2023 13:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1335
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 05 Jan 2023 15:50:44 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1499094058&t=pageview&_s=1&dl=https%3A%2F%2Fminibus.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1762833499&gjid=57696614&cid=1568685934.1672927980&tid=UA-33546069-1&_gid=295072210.1672927980&_r=1&gtm=2wgbu0THQGX2&z=1737891146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://minibus.biletyplus.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 14:12:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://minibus.biletyplus.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1499094058&t=event&ni=0&_s=1&dl=https%3A%2F%2Fminibus.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Cookies&ea=Show&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1568685934.1672927980&tid=UA-33546069-1&_gid=295072210.1672927980&gtm=2wgbu0THQGX2&z=509924798
Requested by
Host: minibus.biletyplus.ru
URL: https://minibus.biletyplus.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:44:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30529
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/57527989/
Redirect Chain
  • https://mc.yandex.com/watch/57527989?wmode=7&page-url=https%3A%2F%2Fminibus.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
  • https://mc.yandex.com/watch/57527989/1?wmode=7&page-url=https%3A%2F%2Fminibus.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A686%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
447 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/57527989/1?wmode=7&page-url=https%3A%2F%2Fminibus.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A256994061668%3Ahid%3A506647060%3Az%3A0%3Ai%3A20230105141259%3Aet%3A1672927980%3Ac%3A1%3Arn%3A961231069%3Arqn%3A1%3Au%3A1672927980292545260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A116%2C144%2C63%2C68%2C0%2C0%2C%2C360%2C0%2C%2C%2C%2C752%3Aco%3A0%3Acpf%3A1%3Ans%3A1672927978847%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672927980%3At%3A%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
bd3156fe368e1b44ab2f3201521c92209807c9273480517b44557231a0717c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 14:13:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 05-Jan-2023 14:13:00 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://minibus.biletyplus.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Thu, 05-Jan-2023 14:13:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Jan 2023 14:12:59 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 05-Jan-2023 14:12:59 GMT
location
/watch/57527989/1?wmode=7&page-url=https%3A%2F%2Fminibus.biletyplus.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A686%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A256994061668%3Ahid%3A506647060%3Az%3A0%3Ai%3A20230105141259%3Aet%3A1672927980%3Ac%3A1%3Arn%3A961231069%3Arqn%3A1%3Au%3A1672927980292545260%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A116%2C144%2C63%2C68%2C0%2C0%2C%2C360%2C0%2C%2C%2C%2C752%3Aco%3A0%3Acpf%3A1%3Ans%3A1672927978847%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672927980%3At%3A%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://minibus.biletyplus.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 05-Jan-2023 14:12:59 GMT
tracker
top-fwz1.mail.ru/ 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2484435;u=https%3A//minibus.biletyplus.ru/;st=1672927979599;title=%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=4fba0a7fc641bfb5;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1672927978847/////0/1/117/117/261/179/261/325/392/327/752/752/752/1084/1084/;ni=10//4g/0/0/;lvid=1672927979724%3A1672927979932%3A2%3Af306988302931bee0cb2f6863b78c02b;opts=dl%2Cjst-gtag-ga-ym;visible=true;_=0.13526681822688347;e=RT/load;et=1672927979931
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:12:59 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1499094058&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminibus.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10%25&el=https%3A%2F%2Fminibus.biletyplus.ru%2F&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1568685934.1672927980&tid=UA-33546069-1&_gid=295072210.1672927980&gtm=2wgbu0THQGX2&z=1577241288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:44:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30529
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1499094058&t=event&ni=1&_s=1&dl=https%3A%2F%2Fminibus.biletyplus.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9C%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BA%D0%B8%20%E2%80%94%20%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%2C%20%D1%80%D0%B0%D1%81%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D0%BD%D1%8B%D1%85%20%D1%82%D0%B0%D0%BA%D1%81%D0%B8%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25%25&el=https%3A%2F%2Fminibus.biletyplus.ru%2F&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=1568685934.1672927980&tid=UA-33546069-1&_gid=295072210.1672927980&gtm=2wgbu0THQGX2&z=1937833649
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Jan 2023 05:44:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30529
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9874.iWxquAu47TgH41MvnblKbZ028-FjeEavgy6nHK3SISwXZpOf0c11mi2QMhxBb3pS.qo-vESqN9jFbWVwYnZk82p7Vy8A%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9874.9R071pWRRQvBaAMs3BbTzW2of42i3bJllk122Rl3QZNsnC88KSCED-h0YNLVA0furMC_R7mednpXljrTIwWynm_vl4LTDV_bC0taYezpk1A%2C.67nw9wnF4Uq16zah95...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9874.9R071pWRRQvBaAMs3BbTzW2of42i3bJllk122Rl3QZNsnC88KSCED-h0YNLVA0furMC_R7mednpXljrTIwWynm_vl4LTDV_bC0taYezpk1A%2C.67nw9wnF4Uq16zah95LhAs8g0Y0%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://minibus.biletyplus.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 14:13:00 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9874.9R071pWRRQvBaAMs3BbTzW2of42i3bJllk122Rl3QZNsnC88KSCED-h0YNLVA0furMC_R7mednpXljrTIwWynm_vl4LTDV_bC0taYezpk1A%2C.67nw9wnF4Uq16zah95LhAs8g0Y0%2C
date
Thu, 05 Jan 2023 14:13:00 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| _eventYa number| yandexCounterNumber function| ym object| _tmr object| dataLayer function| _eventFull function| _event function| _eventSimple object| lpPointDep object| lpPointArr object| lpParams object| crossSaleData object| routePriceCalendarData object| minibus_main function| _ object| jQBrowser object| ajaxUtils object| utils object| screenUtils object| Ya object| yaCounter57527989 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

24 Cookies

Domain/Path Name / Value
.biletyplus.ru/ Name: bplocale
Value: ru
.biletyplus.ru/ Name: bp_mobile_app
Value: false
minibus.biletyplus.ru/ Name: JSESSIONID
Value: 5CA29FD53B05E1C2B9D333F7365B9C21
.minibus.biletyplus.ru/ Name: DeviceType
Value: desktop
minibus.biletyplus.ru/ Name: uid
Value: X9XO6mO22usacH9pNtVDAg==
.biletyplus.ru/ Name: bpdscrsize
Value: 1600-1200
.biletyplus.ru/ Name: currency
Value: RUB
.biletyplus.ru/ Name: tmr_lvid
Value: f306988302931bee0cb2f6863b78c02b
.biletyplus.ru/ Name: tmr_lvidTS
Value: 1672927979724
.biletyplus.ru/ Name: _ym_uid
Value: 1672927980292545260
.biletyplus.ru/ Name: _ym_d
Value: 1672927980
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 93971402fake
.biletyplus.ru/ Name: _ym_isad
Value: 2
.biletyplus.ru/ Name: _ga
Value: GA1.2.1568685934.1672927980
.biletyplus.ru/ Name: _gid
Value: GA1.2.295072210.1672927980
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2378320628fake
.biletyplus.ru/ Name: _gat_UA-33546069-1
Value: 1
mc.yandex.com/ Name: yabs-sid
Value: 1382551321672927979
.yandex.com/ Name: i
Value: LwPkMNx6gvwNpRa1LGpFoKeCyl9PTWqJbXRinqBVZgMX3lb2JNiUmakOaYahtBhO39MUObGWX/cLfs762p7j8IyppDs=
.yandex.com/ Name: yandexuid
Value: 3000940021672927979
.yandex.com/ Name: yuidss
Value: 3000940021672927979
.yandex.com/ Name: ymex
Value: 1704463979.yc.1672927979#1704463979.yrts.1672927979#1704463979.yrtsi.1672927979
.mail.ru/ Name: VID
Value: 36LMlc3BN4YE00000m1WP42E:::0-0-0-8d133ab:CAASEHtoJPHc9PM4DeIiJx8IxkIaYENTfsJ4CqQeFvgMxdIlUKr8Q9mgcyEm69ba4Wjc-A0G5SVhsDBo-ut2wmZMXJiPKufrFKG5TinJ4sl7AxiHKW6FssfXdszihO_TefE90b-qfFWkEw13E4V5q-71HQgg9A
minibus.biletyplus.ru/ Name: tmr_detect
Value: 0%7C1672927981995

3 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9874.keU_jIvJGSrhcRWOO6UJxcOEV6Y2fRKVEQDvxF-Ur90PX17HxA0y0FfO1OpHn6PmO-Sl39_06d1g1kCsZBcH2-FE03FUl4zT9fwQrH3U-cQ%2C.76NGuBzeOhVp4lhpTC03-eZtEMk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://minibus.biletyplus.ru/
Message:
The resource https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://minibus.biletyplus.ru/
Message:
The resource https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
minibus.biletyplus.ru
selectelcdn.itt-us.com
top-fwz1.mail.ru
www.google-analytics.com
www.googletagmanager.com
2a00:1450:4001:806::2008
2a00:1450:4001:813::2003
2a00:1450:4001:830::200e
2a00:1450:400d:806::200a
2a02:6b8::1:119
2a03:90c0:41:2801::24
95.163.52.67
95.213.206.234
1744dec5496f71d9fcf2880eb81ed131f9f77da79ef7f0834c03263db4f00b72
1e572c1b0f91c7a9b2bdc52586b959503acef52a25d10b5d8861b53109746cb7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28709da2cd2a6bf133b2291066d78064b2ac0bc08dad4ea9347bb361ee15b8ef
2ec15611e0e7f7b137085a91662ed525bb831242bd82feb3e3ccda0ca3392fbe
377f0d49a903abfeaeae3aea9b9a72b85267be1f1414a95774a55e0eb2fee8f5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5c34f29a07d27258bb86b2f8dc7237fb0185035128a7e0596f623640eb9ee4fa
5ddcd290db3e2e0990e8d541339ce51c6b9964d9700571d00a9d65493e7b5651
5f627340ea59dbc091b187fdb5640e44cd77ea936a42a372721f3c350df1ebad
61b9ba470ff21d9baffe5239ee73abeda34f6046084ae6c0cf651b79763b99b3
66ce50d95c2f996ab9393a358f19b411b5dd482b3924b9cfadc719db9209c2fa
68e46d034e5b37a06484cc2ef0911ec26ffbf841496718135883343b91dd190e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78c6a4275850ecc343eda82a76ec1597371a48b71b7032f505063c5341d8931d
7ace9ef6d8300575e1913d87d502f4d23fb02e5aa28f21d18b9fd2baa61e7e11
7e46f90d71e113b309ac94930d72e2b625dd6b7b53ec659d95eba22f54dd645f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ba68c8b01cc703793e3011b9326df387488b3f684b624bdaef371768887c6b4
90422b24edcd62791436c35e07218a64dadab74981a21dda648b6b1cdef2e2a7
97c6b003f73b472e277bb64908250755739dab3ea60156e02e2b0c8cee3d3251
a4ee6a8555766dc4a30edd7c42f404bf43d238b819b6d395edb3e4f1e04cc8d9
a619fcb7f7e09689e46416a314f4d0402ca4c1b5980ce8f14282bc9f77361a2f
a7a24b83965be29908495c7563f0d7a4df8add5fbeab47382b3e60e8ddf4dec8
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd15a65e6c216b12d8b1afdeaea6b87afa7712d7817e3aa7738a5ae3ee470e3d
bd3156fe368e1b44ab2f3201521c92209807c9273480517b44557231a0717c58
c75476a04ac885948f4799f63e0e456c82f114fc72909aeb19d250d720b51bef
cdcfe3e2f0c6d771443fefcbadd5df3408a1e6ce76cf51f1800f9f09ee31df47
d851fd360e7b4fc592c9b8b7b0169483f11efe98af94fdbc11c5a0b1d6e5db50
e3181bfc8cab7564b11b9fb2e25c8aa1e4c690e623ecdbaf4ff6ae540e23eb2e
ea97124a187779f4cdb322e1e026020fb8f46606e1faf3e2dac6d2dd9bc5694c
f466d5ddaa2b210f2694818f9ee0da7a4414d861e35969426f23224811b6998b
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf