urlscan.io logo urlscan.io
SecurityTrails logo

direct.avticket.ru Open in urlscan Pro
23.111.238.40  Public Scan

Go To Rescan Add Verdict Report
URL: https://direct.avticket.ru/
Submission: On August 04 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 12 domains to perform 40 HTTP transactions. The main IP is 23.111.238.40, located in Netherlands and belongs to SERVERS-COM, US. The main domain is direct.avticket.ru.
TLS certificate: Issued by R10 on July 31st 2024. Valid for: 3 months.
This is the only time direct.avticket.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 23.111.238.40 7979 (SERVERS-COM)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 8 2a02:6b8::1:119 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 142.250.181.232 15169 (GOOGLE)
1 18.66.112.74 16509 (AMAZON-02)
5 172.255.224.36 7979 (SERVERS-COM)
4 185.106.81.236 7979 (SERVERS-COM)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 188.42.198.44 7979 (SERVERS-COM)
40 14
13    23.111.238.40 (Netherlands)

ASN7979 (SERVERS-COM, US)
direct.avticket.ru
1    2606:4700:3037::ac43:82da (United States)

ASN13335 (CLOUDFLARENET, US)
avticket.ru
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
1    18.66.112.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-74.fra56.r.cloudfront.net
static.aviasales.com
5    172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)
www.travelpayouts.com
travelpayouts.com
4    185.106.81.236 (Netherlands)

ASN7979 (SERVERS-COM, US)
mamka.aviasales.ru
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    188.42.198.44 (Luxembourg)

ASN7979 (SERVERS-COM, US)
avsplow.com
Apex Domain
Subdomains		 Transfer
14 avticket.ru
direct.avticket.ru
avticket.ru
1008 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
5 travelpayouts.com
www.travelpayouts.com — Cisco Umbrella Rank: 180916
travelpayouts.com — Cisco Umbrella Rank: 100177
34 KB
4 aviasales.ru
mamka.aviasales.ru
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
270 KB
2 avsplow.com
avsplow.com — Cisco Umbrella Rank: 267696
952 B
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
57 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9563
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
256 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
1 aviasales.com
static.aviasales.com — Cisco Umbrella Rank: 172222
14 KB
40 12
Domain Requested by
13 direct.avticket.ru direct.avticket.ru
6 mc.yandex.com 2 redirects direct.avticket.ru
mc.yandex.ru
4 mamka.aviasales.ru direct.avticket.ru
4 www.travelpayouts.com direct.avticket.ru
3 www.googletagmanager.com direct.avticket.ru
www.googletagmanager.com
www.google-analytics.com
2 avsplow.com 1 redirects direct.avticket.ru
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects direct.avticket.ru
1 travelpayouts.com direct.avticket.ru
1 www.google.nl direct.avticket.ru
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 static.aviasales.com direct.avticket.ru
1 avticket.ru direct.avticket.ru
40 15

This site contains links to these domains. Also see Links.

Domain
avticket.ru
www.travelpayouts.com
Subject Issuer Validity Valid
direct.avticket.ru
R10		 2024-07-31 -
2024-10-29		 3 months crt.sh
avticket.ru
WE1		 2024-06-21 -
2024-09-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
aviasales.com
Amazon RSA 2048 M03		 2023-12-24 -
2025-01-22		 a year crt.sh
travelpayouts.com
R11		 2024-06-22 -
2024-09-20		 3 months crt.sh
aviasales.ru
R10		 2024-07-24 -
2024-10-22		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google.nl
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://direct.avticket.ru/
Frame ID: 8442C866B8AEBBB682E62E1BDE64CC52
Requests: 45 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 16C6FF42F55C7649354B410EFB4368EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Дешевые авиабилеты и отели

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

40
Requests

93 %
HTTPS

54 %
IPv6

12
Domains

15
Subdomains

14
IPs

6
Countries

1408 kB
Transfer

6588 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10451.Dv64ujSwgPTKXT7RMVx-OwCojgWljB4HmgbxHqsV0Kf1-MBgBpT8YFycTmffZXJs.rQrCZCg6nsgVMQjJdDbw7uubEb0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10451.7z5ekzzSl5117f82W4PhO7xKeXj0C-6toI5zRoolV2qtvu24BcRKNTIkPjl5HNuGJZgGH6SZ4lES_OPsnfrcQI40X3RYlO69TFHcULTbjNxJUOqdVH-S2F0vuohECI-vWDdRgP1NwCSYWPctN6mv8pESuwpvSehiFKUrfoeZTGuU2xjlZeCy5DgV7ESoXIb3JX5AWJEUv7iMMxxTTS2KzhGTzz5jFiqH5ZoMcqgUB8Y%2C.gXRyLcosukKgfvVRl2LNB2WQKCs%2C
Request Chain 17
  • https://mc.yandex.com/watch/51111032?wmode=7&page-url=https%3A%2F%2Fdirect.avticket.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2qqu4bjae6sn44tmthid3iazrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1036657329156%3Ahid%3A51983571%3Az%3A120%3Ai%3A20240804120610%3Aet%3A1722765971%3Ac%3A1%3Arn%3A840975279%3Arqn%3A1%3Au%3A1722765971354066791%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3637%3Ads%3A0%2C3190%2C176%2C3%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C3587%3Aco%3A0%3Acpf%3A1%3Ans%3A1722765966159%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722765971%3At%3A%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178756)ti(1) HTTP 302
  • https://mc.yandex.com/watch/51111032/1?wmode=7&page-url=https%3A%2F%2Fdirect.avticket.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2qqu4bjae6sn44tmthid3iazrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1036657329156%3Ahid%3A51983571%3Az%3A120%3Ai%3A20240804120610%3Aet%3A1722765971%3Ac%3A1%3Arn%3A840975279%3Arqn%3A1%3Au%3A1722765971354066791%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3637%3Ads%3A0%2C3190%2C176%2C3%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C3587%3Aco%3A0%3Acpf%3A1%3Ans%3A1722765966159%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722765971%3At%3A%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29
Request Chain 31
  • https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22whitelabel_ru%22%2C%22trace_id%22%3A%22Zzaf5df5ea744440ad9de7f28e-45009%22%2C%22promo_id%22%3A%224237%22%7D%7D%5D%7D HTTP 302
  • https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_ru%22,%22trace_id%22:%22Zzaf5df5ea744440ad9de7f28e-45009%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
direct.avticket.ru/ 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
bafb742d79b863432e10d1a6a41b200e87bd16c2573da629629cb5d7fc6432e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 10:06:09 GMT
x-request-id
cc1cc601a7f613339cebe2a2bc3fdff6
whitelabel_ru.js
direct.avticket.ru/widgets/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/widgets/whitelabel_ru.js?v=002&rtl=false&locale=ru
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
1e0622744b303962d23dbe3572d573ec98c2554a3b2d46d62ce37a713695669d

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex
date
Sun, 04 Aug 2024 10:06:09 GMT
content-encoding
br
content-type
application/javascript
cache-control
no-store
timing-allow-origin
*
link
</mewtwo/styles.css?locale=ru&rtl=false&v=002>; rel=preload; as=style, </widgets_static/whitelabel_ru.js?locale=ru&rtl=false&v=002>; rel=preload; as=script
content-length
1871
x-promo-id
4237
x-request-id
60a78a0771bfd1701ad628604efc94a9
main.ru.js
direct.avticket.ru/ 		795 KB
229 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/main.ru.js
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
93421a951ea6aac4b2c8a78efe06313e8096973bf0033b19053a1bbd06163de1

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:10 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:09 UTC
etag
W/"669e4d8d-c6db2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
a05f186a73cbf1a7b453447d51b8f4c6
expires
Sun, 04 Aug 2024 10:36:09 GMT
main.css
direct.avticket.ru/ 		2 MB
542 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/main.css
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a6cb4c91723ee879e398f4eb4eaf98b23b91eb8d1ef8367fc22bce64d7332e2d

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:10 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:09 UTC
etag
W/"669e4ba0-1b9126"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
cb497a73949eddfd94e9645caa895df9
expires
Sun, 04 Aug 2024 10:36:09 GMT
logo.png
avticket.ru/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avticket.ru/logo.png
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:82da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08790ba4b57f633f9de23741a470618180e4eaf891968eee37f67a05462267d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440184
alt-svc
h3=":443"; ma=86400
content-length
8798
x-xss-protection
1; mode=block
last-modified
Sun, 18 Nov 2018 14:54:00 GMT
server
cloudflare
etag
"5bf17d08-225e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMDZJwgqWWnX7oUEL%2Bt7%2FcA%2BbehaiNjk4Vmj9cInNG%2BlocAyio5vH9VJgrpx53blS2m5SDX2hasC7K4CjthmqGg0McUAoUqB44X2jl6p5Y8vgoWTvZvtGtUQ49mzmSVXOaan1HR3f3GjrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8addbbafae519220-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e73bb5f77e8e9a987c3b027cef77b42078d2bacb3b1c3cdf4f3b0b53cece8a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80946
x-xss-protection
0
last-modified
Sun, 04 Aug 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Aug 2024 10:06:09 GMT
watch.js
mc.yandex.ru/metrika/ 		157 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1f43f5be4a946ef23abe990f254f96f531d8a685477d7ec9141d99671840ceb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
date
Sun, 04 Aug 2024 10:06:10 GMT
last-modified
Fri, 02 Aug 2024 10:23:46 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66acb3b2-de15"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56853
expires
Sun, 04 Aug 2024 11:06:10 GMT
styles.css
direct.avticket.ru/mewtwo/ 		167 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/mewtwo/styles.css?locale=ru&rtl=false&v=002
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:09 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:09 UTC
etag
W/"66ab6f58-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
4331d933ff5330640bd5fcd1018868ec
expires
Sun, 04 Aug 2024 10:36:09 GMT
whitelabel_ru.js
direct.avticket.ru/widgets_static/ 		310 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/widgets_static/whitelabel_ru.js?locale=ru&rtl=false&v=002
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c1c18507b1ceee0b5e7b28f4e80127aa9b7551f40c0181b1ed2e01dc2a40c7cb

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:10 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:09 UTC
etag
W/"66ab6f5d-4d9cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
d587de8f1443424d731dadbdf414d356
expires
Sun, 04 Aug 2024 10:36:09 GMT
js
www.googletagmanager.com/gtag/ 		285 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0063af5326ae8d945a6ba0231d02ded55b859822595108a9f6f74b387a0558d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98935
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 10:06:10 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Aug 2024 09:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3065
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 04 Aug 2024 11:15:05 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10451.Dv64ujSwgPTKXT7RMVx-OwCojgWljB4HmgbxHqsV0Kf1-MBgBpT8YFycTmffZXJs.rQrCZCg6nsgVMQjJdDbw7uubEb0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10451.7z5ekzzSl5117f82W4PhO7xKeXj0C-6toI5zRoolV2qtvu24BcRKNTIkPjl5HNuGJZgGH6SZ4lES_OPsnfrcQI40X3RYlO69TFHcULTbjNxJUOqdVH-S2F0vuohECI-vWDdRgP1NwC...
43 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10451.7z5ekzzSl5117f82W4PhO7xKeXj0C-6toI5zRoolV2qtvu24BcRKNTIkPjl5HNuGJZgGH6SZ4lES_OPsnfrcQI40X3RYlO69TFHcULTbjNxJUOqdVH-S2F0vuohECI-vWDdRgP1NwCSYWPctN6mv8pESuwpvSehiFKUrfoeZTGuU2xjlZeCy5DgV7ESoXIb3JX5AWJEUv7iMMxxTTS2KzhGTzz5jFiqH5ZoMcqgUB8Y%2C.gXRyLcosukKgfvVRl2LNB2WQKCs%2C
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 10:06:11 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10451.7z5ekzzSl5117f82W4PhO7xKeXj0C-6toI5zRoolV2qtvu24BcRKNTIkPjl5HNuGJZgGH6SZ4lES_OPsnfrcQI40X3RYlO69TFHcULTbjNxJUOqdVH-S2F0vuohECI-vWDdRgP1NwCSYWPctN6mv8pESuwpvSehiFKUrfoeZTGuU2xjlZeCy5DgV7ESoXIb3JX5AWJEUv7iMMxxTTS2KzhGTzz5jFiqH5ZoMcqgUB8Y%2C.gXRyLcosukKgfvVRl2LNB2WQKCs%2C
date
Sun, 04 Aug 2024 10:06:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:11 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 02 Aug 2024 10:23:46 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66acb3b2-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 04 Aug 2024 11:06:11 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 16C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://direct.avticket.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1045
content-type
text/html
date
Sun, 04 Aug 2024 10:06:11 GMT
etag
"66acb3b2-415"
expires
Sun, 04 Aug 2024 11:06:11 GMT
last-modified
Fri, 02 Aug 2024 10:23:46 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
collect
www.google-analytics.com/j/ 		15 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1700855381&t=pageview&_s=1&dl=https%3A%2F%2Fdirect.avticket.ru%2F&ul=nl-nl&de=UTF-8&dt=%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1246168764&gjid=1793503115&cid=850955752.1722765971&tid=UA-70090146-9&_gid=2103545695.1722765971&_r=1&_slc=1&gtm=45He47v0n81M47KB56v78526466za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&npa=1&z=733902590
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
10371d1a9b5f1dd1bacb5b706fdc5a10e5e72d5d26636bcaccd230a165f8b16b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:06:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.avticket.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je47v0v893968163z878526466za200zb78526466&_p=1722765969743&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=850955752.1722765971&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722765971&sct=1&seg=0&dl=https%3A%2F%2Fdirect.avticket.ru%2F&dt=%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&en=page_view&_fv=1&_ss=1&tfd=4914
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:06:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.avticket.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		273 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dd245009c08c34314788b17cae6f3a20468d23fbb60a97aa7237f531f2740bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96500
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 04 Aug 2024 10:06:11 GMT
main.css
direct.avticket.ru/ 		2 MB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/main.css
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
a6cb4c91723ee879e398f4eb4eaf98b23b91eb8d1ef8367fc22bce64d7332e2d

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:10 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:09 UTC
etag
W/"669e4ba0-1b9126"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
cb497a73949eddfd94e9645caa895df9
expires
Sun, 04 Aug 2024 10:36:09 GMT
1
mc.yandex.com/watch/51111032/
Redirect Chain
  • https://mc.yandex.com/watch/51111032?wmode=7&page-url=https%3A%2F%2Fdirect.avticket.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2qqu4bjae6sn44tmthid3iazrv%3Afu%3A0%3Aen%3Autf-8%3A...
  • https://mc.yandex.com/watch/51111032/1?wmode=7&page-url=https%3A%2F%2Fdirect.avticket.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2qqu4bjae6sn44tmthid3iazrv%3Afu%3A0%3Aen%3Autf-8%...
511 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/51111032/1?wmode=7&page-url=https%3A%2F%2Fdirect.avticket.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2qqu4bjae6sn44tmthid3iazrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1036657329156%3Ahid%3A51983571%3Az%3A120%3Ai%3A20240804120610%3Aet%3A1722765971%3Ac%3A1%3Arn%3A840975279%3Arqn%3A1%3Au%3A1722765971354066791%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3637%3Ads%3A0%2C3190%2C176%2C3%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C3587%3Aco%3A0%3Acpf%3A1%3Ans%3A1722765966159%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722765971%3At%3A%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a1d1311c092d2776f15d448ccdfa5a21873109266c07f53de438dc7e940f1bd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 10:06:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 04-Aug-2024 10:06:11 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://direct.avticket.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
511
x-xss-protection
1; mode=block
expires
Sun, 04-Aug-2024 10:06:11 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 10:06:11 GMT
last-modified
Sun, 04-Aug-2024 10:06:11 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/51111032/1?wmode=7&page-url=https%3A%2F%2Fdirect.avticket.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A2qqu4bjae6sn44tmthid3iazrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1401%3Acn%3A1%3Adp%3A0%3Als%3A1036657329156%3Ahid%3A51983571%3Az%3A120%3Ai%3A20240804120610%3Aet%3A1722765971%3Ac%3A1%3Arn%3A840975279%3Arqn%3A1%3Au%3A1722765971354066791%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3637%3Ads%3A0%2C3190%2C176%2C3%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C3587%3Aco%3A0%3Acpf%3A1%3Ans%3A1722765966159%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722765971%3At%3A%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178756%29ti%281%29
access-control-allow-origin
https://direct.avticket.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 04-Aug-2024 10:06:11 GMT
sp.js
static.aviasales.com/snowplow/19.20.1/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.aviasales.com/snowplow/19.20.1/sp.js
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/main.ru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-74.fra56.r.cloudfront.net
Software
/
Resource Hash
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 27 May 2024 13:23:32 GMT
content-encoding
gzip
via
1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
last-modified
Wed, 20 Dec 2023 07:57:47 GMT
x-amz-cf-pop
FRA56-P5
age
5949759
etag
W/"56c168eae5c685d285eeaf940c1f21d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sVuWe3S5NC_0oAgEIR_KBOXdv9A9LHaoVnO60gYqgcgWy4oxXb4tXA==
whitelabel_ru.js
direct.avticket.ru/widgets/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/widgets/whitelabel_ru.js
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/main.ru.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
813f516fcc810f37188aa09a4810992262bf3c7f4fe2da904a7c7d3cddb5d5dd

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-robots-tag
noindex
date
Sun, 04 Aug 2024 10:06:11 GMT
content-encoding
br
content-type
application/javascript
cache-control
no-store
timing-allow-origin
*
link
</mewtwo/styles.css>; rel=preload; as=style, </widgets_static/whitelabel_ru.js>; rel=preload; as=script
content-length
1855
x-promo-id
4237
x-request-id
641bdc9e2499a4b7c5f5e224fa028470
truncated
/ 		252 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
228b90df125ee9c3b0e37af169ce844765a8c4c4b25e2abe20cebe15dd22d8fd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
currency-regular-webfont.woff2
www.travelpayouts.com/currency_fonts/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.travelpayouts.com/currency_fonts/currency-regular-webfont.woff2
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/main.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e

Request headers

Referer
https://direct.avticket.ru/
Origin
https://direct.avticket.ru
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:11 GMT
last-modified
Tue, 30 Jul 2024 13:57:15 GMT
server
nginx
etag
"66a8f13b-e08"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3592
x-request-id
89aab6f548128be131a73bb03a4d47c3
expires
Thu, 31 Dec 2037 23:55:55 GMT
set
mamka.aviasales.ru/third_party_cookies/ 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-08-04T10%3A06%3A11.628Z
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:11 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
as_white.png
www.travelpayouts.com/powered_by/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelpayouts.com/powered_by/img/as_white.png
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d0589d5659fc515823476ca25f93952d3f8e0657cdd243f77102c024ae558234

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:11 GMT
last-modified
Mon, 08 Jul 2024 10:55:27 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
6443
x-request-id
e4d78dd33944593b2f602437c8946e82
as.png
www.travelpayouts.com/powered_by/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelpayouts.com/powered_by/img/as.png
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b3e494704e629f351a154a2dd3083545a149ac84697dea01f894868215fc961c

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
last-modified
Mon, 08 Jul 2024 10:55:27 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
6536
x-request-id
f622e36849b03373fc12e81f3039c1f2
truncated
/ 		348 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1HXW6H26GB&gtm=45je47v0v9126237212za200&_p=1722765969743&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&ul=nl-nl&sr=1600x1200&cid=850955752.1722765971&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fdirect.avticket.ru%2F&dt=%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&sid=1722765971&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5599
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:06:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.avticket.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1HXW6H26GB&cid=850955752.1722765971&gtm=45je47v0v9126237212za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3&npa=1&frm=0&tag_exp=95250753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:06:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.avticket.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1HXW6H26GB&cid=850955752.1722765971&gtm=45je47v0v9126237212za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3&npa=1&frm=0&tag_exp=95250753&tag_exp=95250753&z=656877675
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:06:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
direct.avticket.ru/mewtwo/ 		167 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/mewtwo/styles.css
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:12 UTC
etag
W/"66ab6f58-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
3274f398a533ac282edc57fb01fe991c
expires
Sun, 04 Aug 2024 10:36:12 GMT
whitelabel_ru.js
direct.avticket.ru/widgets_static/ 		310 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/widgets_static/whitelabel_ru.js
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c1c18507b1ceee0b5e7b28f4e80127aa9b7551f40c0181b1ed2e01dc2a40c7cb

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:12 UTC
etag
W/"66ab6f5d-4d9cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=1800
x-request-id
caf997d38b7c428e6f589ab46313a21a
expires
Sun, 04 Aug 2024 10:36:12 GMT
j.gif
avsplow.com/a/
Redirect Chain
  • https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
  • https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_ru%22,%22trace_id%22:%22Zzaf5df5ea...
43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_ru%22,%22trace_id%22:%22Zzaf5df5ea744440ad9de7f28e-45009%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Server
188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43

Redirect headers

date
Sun, 04 Aug 2024 10:06:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_ru%22,%22trace_id%22:%22Zzaf5df5ea744440ad9de7f28e-45009%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
set
mamka.aviasales.ru/third_party_cookies/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-08-04T10%3A06%3A12.062Z&mamka_attempts=1
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
styles.css
direct.avticket.ru/mewtwo/ 		167 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/mewtwo/styles.css?v=002
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/widgets_static/whitelabel_ru.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
content-encoding
gzip
last-modified
Sunday, 04-Aug-2024 10:06:12 UTC
etag
W/"66ab6f58-29ce6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
x-request-id
72c019e4850b4d23d6a2733a92a3e52c
expires
Sun, 04 Aug 2024 10:36:12 GMT
whereami
direct.avticket.ru/ 		148 B
295 B 		Script
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/whereami?locale=ru&callback=mewtwoForms.geoIPSetter.lang_ru
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/widgets_static/whitelabel_ru.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
67d081caadd3f404f68cd9314c4c27b858746f94b4539e30b4f590915d02eccf

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 04 Aug 2024 10:06:12 GMT
content-encoding
br
content-length
145
x-request-id
e8e78e493e38e63d7c6a5e5bb831a4d3
content-type
application/x-javascript; charset=utf-8
powered_by.js
travelpayouts.com/powered_by/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://travelpayouts.com/powered_by/powered_by.js
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/widgets_static/whitelabel_ru.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
016f1f91f76c1bd7fc3f4d54492c2b0bc9f5a7e17efec6026e1d403cabb46a49

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
content-encoding
br
last-modified
Mon, 08 Jul 2024 10:55:27 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache
x-robots-tag
noindex
x-request-id
361c6463bf08736ae633d339722f7f36
tp_white.png
www.travelpayouts.com/powered_by/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.travelpayouts.com/powered_by/img/tp_white.png
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
last-modified
Mon, 08 Jul 2024 10:55:27 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache
accept-ranges
bytes
x-robots-tag
noindex
content-length
2672
x-request-id
4030f05db8110dfe2f9b3f62a1df02d8
truncated
/ 		611 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c71b07b566c21bb9568863cb5052875568d3476628dc7233105631e534ef3e20

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		381 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39761ae985af2aa4c486580e4508a137f743f226008d1b6a793ff0a12d07dfaa

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		129 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c1ae78b39082dd7d8db20a72aaf45424b2590c5f29e4f218e67099286b521a3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		903 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
set
mamka.aviasales.ru/third_party_cookies/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-08-04T10%3A06%3A12.612Z&mamka_attempts=2
Requested by
Host: direct.avticket.ru
URL: https://direct.avticket.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
favicon.ico
direct.avticket.ru/ 		19 B
179 B 		Other
General
Check archive.org
Download Go to
Full URL
https://direct.avticket.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.111.238.40 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:12 GMT
x-content-type-options
nosniff
content-length
19
x-request-id
732a072646183e9df2f3ffbe918cb27e
content-type
text/plain; charset=utf-8
set
mamka.aviasales.ru/third_party_cookies/ 		0
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-08-04T10%3A06%3A15.163Z&mamka_attempts=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 10:06:15 GMT
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je47v0v893968163za200zb78526466&_p=1722765969743&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250752&cid=850955752.1722765971&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1722765971&sct=1&seg=0&dl=https%3A%2F%2Fdirect.avticket.ru%2F&dt=%D0%94%D0%B5%D1%88%D0%B5%D0%B2%D1%8B%D0%B5%20%D0%B0%D0%B2%D0%B8%D0%B0%D0%B1%D0%B8%D0%BB%D0%B5%D1%82%D1%8B%20%D0%B8%20%D0%BE%D1%82%D0%B5%D0%BB%D0%B8&en=scroll&epn.percent_scrolled=90&_et=4&tfd=9918
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://direct.avticket.ru/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 10:06:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://direct.avticket.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| GEOIP object| TPWLCONFIG function| loadCSS boolean| MewtwoIsLoaded object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| Ya object| yaCounter51111032 object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady object| mamka_queue function| setImmediate function| clearImmediate function| cssx string| TP_WL_LOCALE function| ResizeSensor object| TP_DISPATCHER function| f object| GSN function| mamka object| TP_POWERED_BY_DATA boolean| TP_MEWTWO_SKIPSTYLES object| TP_FORM_SETTINGS string| _location object| TP_PERF_METRICS object| mewtwo boolean| mewtwoFormsInitialized boolean| mewtwoFormsStylesLoaded object| mewtwoForms object| TP_POWERED_BY

32 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: i
Value: xti1o1P7ajjQXKS2qVloM2zE5KwWa5DpotaEzv36eWaw0KggBQVwtTJoZ8HzIslqx0QOhGm8PJRBt4vDc5fvqz3J3GE=
.yandex.ru/ Name: yandexuid
Value: 3532467441722765970
.yandex.ru/ Name: yashr
Value: 2787699691722765970
.avticket.ru/ Name: _ym_uid
Value: 1722765971354066791
.avticket.ru/ Name: _ym_d
Value: 1722765971
.avticket.ru/ Name: _gid
Value: GA1.2.2103545695.1722765971
.avticket.ru/ Name: _gat_UA-70090146-9
Value: 1
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3231354716fake
.avticket.ru/ Name: _ga
Value: GA1.1.850955752.1722765971
.avticket.ru/ Name: _ga_6C1GFWKMT9
Value: GS1.1.1722765971.1.0.1722765971.0.0.0
.yandex.com/ Name: yashr
Value: 1299614121722765971
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1879963714fake
.avticket.ru/ Name: _ym_isad
Value: 2
.yandex.com/ Name: yandexuid
Value: 3532467441722765970
.yandex.com/ Name: yuidss
Value: 3532467441722765970
.yandex.com/ Name: i
Value: xti1o1P7ajjQXKS2qVloM2zE5KwWa5DpotaEzv36eWaw0KggBQVwtTJoZ8HzIslqx0QOhGm8PJRBt4vDc5fvqz3J3GE=
.yandex.com/ Name: yp
Value: 1722852371.yu.9521292371722765971
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1349967001722765971
.yandex.com/ Name: ymex
Value: 1725357971.oyu.9521292371722765971#1754301971.yrts.1722765971
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.avticket.ru/ Name: mtdc_jSxLs
Value: true
direct.avticket.ru/ Name: locale
Value: ru
.avticket.ru/ Name: marker
Value: 45009.%241489
.yandex.com/ Name: bh
Value: KgI/MGCTpb21Bg==
direct.avticket.ru/ Name: cookie_policy_accepted
Value: true
direct.avticket.ru/ Name: currency
Value: RUB
.avticket.ru/ Name: _ga_1HXW6H26GB
Value: GS1.2.1722765971.1.0.1722765971.60.0.0
.avticket.ru/ Name: _ym_visorc
Value: w
.avticket.ru/ Name: _sp_ses.1a70
Value: *
.avticket.ru/ Name: _sp_id.1a70
Value: 1066c677-a429-4422-903c-001d3d3d6012.1722765972.1.1722765972.1722765972.777d53e0-d0be-48da-b6ac-32d2307077de
.avsplow.com/ Name: nuid
Value: 9ab25dee-e1f4-41d9-981b-f980d80ad376

1 Console Messages

Source Level URL
Text
network error URL: https://direct.avticket.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avsplow.com
avticket.ru
direct.avticket.ru
mamka.aviasales.ru
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
region1.google-analytics.com
static.aviasales.com
stats.g.doubleclick.net
travelpayouts.com
www.google-analytics.com
www.google.nl
www.googletagmanager.com
www.travelpayouts.com
142.250.181.232
172.255.224.36
18.66.112.74
185.106.81.236
188.42.198.44
2001:4860:4802:34::36
23.111.238.40
2606:4700:3037::ac43:82da
2a00:1450:4001:800::2003
2a00:1450:4001:809::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
2a02:6b8::1:119
0063af5326ae8d945a6ba0231d02ded55b859822595108a9f6f74b387a0558d1
016f1f91f76c1bd7fc3f4d54492c2b0bc9f5a7e17efec6026e1d403cabb46a49
08790ba4b57f633f9de23741a470618180e4eaf891968eee37f67a05462267d8
0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc
10371d1a9b5f1dd1bacb5b706fdc5a10e5e72d5d26636bcaccd230a165f8b16b
1c1ae78b39082dd7d8db20a72aaf45424b2590c5f29e4f218e67099286b521a3
1e0622744b303962d23dbe3572d573ec98c2554a3b2d46d62ce37a713695669d
1f43f5be4a946ef23abe990f254f96f531d8a685477d7ec9141d99671840ceb7
228b90df125ee9c3b0e37af169ce844765a8c4c4b25e2abe20cebe15dd22d8fd
2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84
39761ae985af2aa4c486580e4508a137f743f226008d1b6a793ff0a12d07dfaa
4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32
67d081caadd3f404f68cd9314c4c27b858746f94b4539e30b4f590915d02eccf
813f516fcc810f37188aa09a4810992262bf3c7f4fe2da904a7c7d3cddb5d5dd
8e73bb5f77e8e9a987c3b027cef77b42078d2bacb3b1c3cdf4f3b0b53cece8a7
93421a951ea6aac4b2c8a78efe06313e8096973bf0033b19053a1bbd06163de1
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d
a1d1311c092d2776f15d448ccdfa5a21873109266c07f53de438dc7e940f1bd4
a6cb4c91723ee879e398f4eb4eaf98b23b91eb8d1ef8367fc22bce64d7332e2d
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793
b3e494704e629f351a154a2dd3083545a149ac84697dea01f894868215fc961c
bafb742d79b863432e10d1a6a41b200e87bd16c2573da629629cb5d7fc6432e0
c1c18507b1ceee0b5e7b28f4e80127aa9b7551f40c0181b1ed2e01dc2a40c7cb
c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda
c71b07b566c21bb9568863cb5052875568d3476628dc7233105631e534ef3e20
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d0589d5659fc515823476ca25f93952d3f8e0657cdd243f77102c024ae558234
dd245009c08c34314788b17cae6f3a20468d23fbb60a97aa7237f531f2740bb2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629