avp.travel.ru Open in urlscan Pro
2606:4700:20::ac43:4aab Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://avp.travel.ru/
Effective URL:
https://avp.travel.ru/
Submission Tags: gov ru h8 leak city l4ing sub Search All
Submission: On September 06 via manual (September 6th 2022, 12:14:56 pm UTC) from UA — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::ac43:4aab, located in United States and belongs to CLOUDFLARENET, US. The main domain is avp.travel.ru.
TLS certificate: Issued by E1 on September 1st 2022. Valid for: 3 months.

This is the only time avp.travel.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:20:... 2606:4700:20::ac43:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:15f8:a00... 2a00:15f8:a000:5:1:12:2:9490	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
17	3

16 2606:4700:20::ac43:4aab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

avp.travel.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.travel.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:15f8:a000:5:1:12:2:9490 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

www.alltrains.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	travel.ru 1 redirects avp.travel.ru img.travel.ru	147 KB
1	alltrains.ru www.alltrains.ru
0	wplus.net Failed on.wplus.net Failed
17	3

	Domain	Requested by
14	avp.travel.ru	1 redirects avp.travel.ru
2	img.travel.ru	avp.travel.ru
1	www.alltrains.ru	avp.travel.ru
0	on.wplus.net Failed	avp.travel.ru
17	4

This site contains no links.

Subject Issuer	Validity	Valid
*.travel.ru E1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.alltrains.ru R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://avp.travel.ru/
Frame ID: D312EC8A08384CBDD552C6B2FF4DC163
Requests: 1 HTTP requests in this frame

Frame: https://avp.travel.ru/ugol_avp.htm
Frame ID: 1EF263032DE33705AE888B8DC98A9C3F
Requests: 3 HTTP requests in this frame

Frame: https://avp.travel.ru/verh_avp.htm
Frame ID: D5EBFF3069F101A0A0A35509D0DB4EEF
Requests: 2 HTTP requests in this frame

Frame: https://avp.travel.ru/menu_avp.htm
Frame ID: 233BEEE3B28FF0711C7CEC500903ADEF
Requests: 2 HTTP requests in this frame

Frame: https://avp.travel.ru/AVP_99.htm
Frame ID: 9587E453CB779360B80A0F68B4FC94DE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Академия Вольных Путешествий (Москва)

Page URL History Show full URLs

http://avp.travel.ru/ HTTP 301
https://avp.travel.ru/ Page URL

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

146 kB
Transfer

203 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://avp.travel.ru/ HTTP 301
https://avp.travel.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response avp.travel.ru/ Redirect Chain http://avp.travel.ru/ https://avp.travel.ru/	1001 B 980 B	174ms 128ms	Document text/html	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://avp.travel.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dae6e7cdd5196377978ca42045614b8c1cf2cb97a5c1f6175a5951174c5d8fea` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 746720891d259960-FRA content-encoding br content-type text/html date Tue, 06 Sep 2022 12:14:55 GMT last-modified Thu, 29 Dec 2016 15:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBlYxNJ393mqEmDZX1HSfeAtGcllx4IOIpDrMMLXqyugo%2FANzRXKya268FZ%2BKKT%2FW6qB26R1ycrvvUIUvk%2FG1XAq%2FxLchZljBrKB0J5ZK2W2sBKmu8h9sxFlxyJgAUa7LspvGIp%2F9qYYkDk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers CF-RAY 74672088add59bc8-FRA Cache-Control max-age=3600 Connection keep-alive Date Tue, 06 Sep 2022 12:14:54 GMT Expires Tue, 06 Sep 2022 13:14:54 GMT Location https://avp.travel.ru/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HY%2FV6cms7ksOay7WaftuDY37yhiObrYhUbynhaYKzoRthgVm9GOZ8c%2Bau4lsAIKAug2Ix5rQbXbkUvAvYOUUEJEr94V7mgbNFjusYpDikAoj%2FwbZzr311oppwSw%2B32bUFbSH2QTfRMymueQ%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ugol_avp.htm Show response avp.travel.ru/ Frame 1EF2	842 B 731 B	73ms 72ms	Document text/html	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://avp.travel.ru/ugol_avp.htm Requested by Host: avp.travel.ru URL: https://avp.travel.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `79ea37dd26353c863095489007103003db672660f6d960961e75b925a5bc740f` Request headers Referer https://avp.travel.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7467208a1ea59960-FRA content-encoding br content-type text/html date Tue, 06 Sep 2022 12:14:55 GMT last-modified Thu, 29 Dec 2016 15:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktnhllqDIHK0Zh%2FYJ9LX4PS60R0K9Wvu9IVATrS3POVyJtnRxAt6%2FPAoyGuhE52aE30AoSWlKmoa4oJeIDjEWRmTN0DE9f48wGddud5nysZ%2Bv7dyPDe%2FIfhB8umVtDwrM1BJc5dc%2BlufRoA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	verh_avp.htm Show response avp.travel.ru/ Frame D5EB	4 KB 2 KB	111ms 111ms	Document text/html	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://avp.travel.ru/verh_avp.htm Requested by Host: avp.travel.ru URL: https://avp.travel.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8ce1049678c8813ea741bf31caea7deb3413ac7ae95c67bdb833abc7679122e3` Request headers Referer https://avp.travel.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7467208a1ea69960-FRA content-encoding br content-type text/html date Tue, 06 Sep 2022 12:14:55 GMT last-modified Thu, 29 Dec 2016 15:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ927nUg0So8A8iXM%2B%2FnqxC1%2B2GGkPEoSmmVfX7VYMT%2FbJWNhYF9nifNufHMZFrxr1bIhu6nY6JvJ327qmiJbClqh5Xkv9VOXusAAEwoyse0zTwsRAkBXbuqs4ETFpEmAV%2Bg3VxjwfJXxqA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	menu_avp.htm Show response avp.travel.ru/ Frame 233B	11 KB 3 KB	97ms 97ms	Document text/html	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://avp.travel.ru/menu_avp.htm Requested by Host: avp.travel.ru URL: https://avp.travel.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f0c928be2022fea94ce296850a9cd7ab6ef1ca5fafb265c080daa5d33bc3b72a` Request headers Referer https://avp.travel.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7467208a1ea99960-FRA content-encoding br content-type text/html date Tue, 06 Sep 2022 12:14:55 GMT last-modified Thu, 29 Dec 2016 15:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Rn1BwEcvEla8tzm3b%2F%2BCXd%2BRbBowIL%2BH5AyVVOgfYGAwdNmxGAqV5D0bJLkFkeyPhPWBhR7RSrP3sg5dYUaAk3JQGF9bjmr9kJmF6xLKp%2B2MSDWHW9qCsS50pVcoqu%2FS4VCt67TsgTQrgU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	AVP_99.htm Show response avp.travel.ru/ Frame 9587	83 KB 31 KB	110ms 110ms	Document text/html	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://avp.travel.ru/AVP_99.htm Requested by Host: avp.travel.ru URL: https://avp.travel.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b47258b33e9749c1951b629a90009af6e62ae986c16bdb8723a2113ef2268a4b` Request headers Referer https://avp.travel.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7467208a1eb19960-FRA content-encoding br content-type text/html date Tue, 06 Sep 2022 12:14:55 GMT last-modified Thu, 29 Dec 2016 15:51:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F73A9Wke%2FjTUMvgcuASFcPcRgEpdZ%2Fi2Ezy2aUhrcF%2FasayAt9n%2FFojYTumPxGVpRJix47vF4VdAUerFufU62wWVBynbglBSw862LhsZ1krQYkfGvW2aOu0lGZTSG3B3%2F5w2AX3dPx9WvY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	logo.gif img.travel.ru/n/ Frame 1EF2	1 KB 2 KB	70ms 48ms	Image image/webp	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.travel.ru/n/logo.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/ugol_avp.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b4d1b80e525d5c0274899e240920c4fb83366c7feea4b7aafaa14d15b24325fa` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 17029 cf-polished origFmt=gif, origSize=1467 content-disposition inline; filename="logo.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1216 last-modified Fri, 14 Jan 2005 16:38:53 GMT server cloudflare etag "41e7f59d-5bb" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL9iDlOEpgdz0e4tn6y6aG8hv8%2BBbCf1snkBw9f7t4gZexgI8S7rRwEjKMiDP6Uq1E%2FKiDRf5TRBeA4zavHfDUQS%2BlNCvz2ixdNUiHvNsKaQJnkNcrg0lTzsgmQcNTylqVTT1K%2B8j08vv%2BM%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Wed, 06 Sep 2023 07:31:06 GMT cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7467208acfd69960-FRA cf-bgj imgq:85,h2pri
GET H3	200	chalk.jpg avp.travel.ru/ Frame 1EF2	1 KB 2 KB	106ms 105ms	Image image/jpeg	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/chalk.jpg Requested by Host: avp.travel.ru URL: https://avp.travel.ru/ugol_avp.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9897df02eb53186ac9f9cf7fbd5bdb771634c06bb7fe1067314faa83f226580` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/ugol_avp.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status MISS last-modified Thu, 29 Dec 2016 15:51:34 GMT server cloudflare etag "58653106-5c0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRdJ8r%2FpBH%2Fy9E36IKmgrI2kJM4zEZm%2BIcoluqQN27DyJwv9wB78OPkzB8M8uuvtCjyDnFtcliKFN8lS9soig3ERPDfSCmWpJx9powovpKHHCH%2FilwfC%2FemMqjJUtYeux78Bye3lM6WK78U%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7467208aab86bb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1472
GET H3	200	avp_banner_az.gif avp.travel.ru/ Frame 9587	15 KB 16 KB	139ms 139ms	Image image/gif	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/avp_banner_az.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `af0ab2934518c3ef0705c71ae6f79c84a5281ad0dc704ae9c9880c2f59e3987d` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/AVP_99.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status MISS last-modified Thu, 29 Dec 2016 15:51:34 GMT server cloudflare etag "58653106-3d97" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQo9cJXWQ2uykBRyt5%2B2WNhOtiurC%2F10DG5wD2%2BWMrE6CqHI4%2F0vs69YL8bE5sJDaSU1VTTab3UitwQVcwS1600ZLvUpRCIBT8PqVLDVWzMmo3y6Uv4fFlxvI332ZDNFK3Q7VvhrW3ATtUs%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7467208aebd6bb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15767
GET H3	200	chalk.jpg avp.travel.ru/ Frame D5EB	464 B 1 KB	85ms 85ms	Image image/webp	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/chalk.jpg Requested by Host: avp.travel.ru URL: https://avp.travel.ru/verh_avp.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b263b53c2cf9865fbfef3544c0168fa26404681c6e8ac669f429982968ddb791` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/verh_avp.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 cf-polished qual=85, origFmt=jpeg, origSize=1472 content-disposition inline; filename="chalk.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 464 last-modified Thu, 29 Dec 2016 15:51:34 GMT server cloudflare etag "58653106-5c0" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfu1Ckn46HxIwS8zlYOmRJataLUYwm%2FrMK%2FHGfoLtK7k1ZqfNcxjDvGu7E31Lg%2F987WVsPxhY4wsBVTcA1ZdvWvxTl3ozm9RvpUELis9NoZy6cT9vBnRAq%2B7h84O0dJZ42xQcy%2FINpPyKtA%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=2678400 accept-ranges bytes cf-ray 7467208aebd8bb59-FRA cf-bgj imgq:85,h2pri
GET H3	200	chalk.jpg avp.travel.ru/ Frame 233B	464 B 1 KB	86ms 86ms	Image image/webp	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/chalk.jpg Requested by Host: avp.travel.ru URL: https://avp.travel.ru/menu_avp.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b263b53c2cf9865fbfef3544c0168fa26404681c6e8ac669f429982968ddb791` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/menu_avp.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 cf-polished qual=85, origFmt=jpeg, origSize=1472 content-disposition inline; filename="chalk.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 464 last-modified Thu, 29 Dec 2016 15:51:34 GMT server cloudflare etag "58653106-5c0" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7opwtCpKDwHWIeNYR2CUcgqIAMECctCgyeuT%2BwY3M9juOBAEAslRWRJSHmxsQ0mrB%2F9yrXm%2BiVnrB4XsJg1Lghd3t9SpTgQb%2BRQ6%2BTjqiYhaEztIBj%2FTKoYn2RyI%2F5ClbkifDVJ8Fd0FJI%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=2678400 accept-ranges bytes cf-ray 7467208aebe7bb59-FRA cf-bgj imgq:85,h2pri
GET H3	200	chalk.jpg avp.travel.ru/ Frame 9587	464 B 1 KB	50ms 49ms	Image image/webp	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/chalk.jpg Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b263b53c2cf9865fbfef3544c0168fa26404681c6e8ac669f429982968ddb791` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/AVP_99.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 0 cf-polished qual=85, origFmt=jpeg, origSize=1472 content-disposition inline; filename="chalk.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 464 last-modified Thu, 29 Dec 2016 15:51:34 GMT server cloudflare etag "58653106-5c0" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftQ97YbuTexJxYBO%2FUJzSTdlfp2NvB%2B%2BsfuGOImYQMMIoWxz6FM0JfzJNRacsVSnTzSdnM8r55dp9cOmRTUD8hfARgZ1U3VXHxmPbnCj5KwmKQIPUq%2BqjcdhFq1aYsjRyD%2FA0ReRpchWnJo%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=2678400 accept-ranges bytes cf-ray 7467208b1c19bb59-FRA cf-bgj imgq:85,h2pri
GET H3	200	line1.gif avp.travel.ru/ Frame 9587	4 KB 5 KB	103ms 102ms	Image image/gif	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/line1.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b4c14ce9498275f643b9dbb19795c2d344e07fc2b9ecfad93404f6171218bff6` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/AVP_99.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status MISS last-modified Thu, 29 Dec 2016 15:51:34 GMT server cloudflare etag "58653106-118b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5ePI8xUt%2FBaaDwMeFtFVbr5ycCBkR6%2BGppdqj1MHZ7XIc8mv7HO3tJf7p0xUZR3rwmU7eHMw4BctxMBakJbN3KAtJSmDVr6ZA%2BYFTaf1limRfziQqzdN9AOxlk1ettqm0I9fNBw042%2FBK0%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7467208b3c56bb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4491
GET H3	200	logo.gif img.travel.ru/n/ Frame 9587	1 KB 2 KB	99ms 98ms	Image image/gif	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img.travel.ru/n/logo.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7e8ddb18835b38142eb61541b46fb7693d71809774577888a0e557581fefd3cc` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status MISS last-modified Fri, 14 Jan 2005 16:38:53 GMT server cloudflare etag "41e7f59d-5bb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3IGU4U55EOPzrZm4zomucmVMyoPrqJJT3AlxPOeLc%2FvCsvDNYMzZrPVKbebmMN6Is8iDEK9Op%2BmyY0vVxWp0VoBktlOjPoMnZKOYa1M0JbMqBoNSOckjnLNZ21CVXeW5xWmwqCQEUD2eFQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7467208b4c59bb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1467 expires Wed, 06 Sep 2023 12:14:55 GMT
GET H3	200	otkrytie-avp.gif avp.travel.ru/logo/ Frame 9587	11 KB 12 KB	96ms 95ms	Image image/gif	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/logo/otkrytie-avp.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3db03762deca9a96d395fb50da0426dc038cda1435611b9691f576f74c73593f` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/AVP_99.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status MISS last-modified Thu, 29 Dec 2016 15:51:36 GMT server cloudflare etag "58653108-2d5a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0VTNT404glpiyyZB2D5BPo0t4X1E%2Fr7%2BCmPw0eqeJgicsi4IilHBlQayBI5ISurOH5I5vxTtw8f4CbGoarytOg%2Fe3nA6hLYj8wXXpHJdjJ07jLyEvINpXCyVzUIzER5yWTkfKvh20KR2I4%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7467208b4c5abb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 11610
GET H3	200	banner_vetreno.gif avp.travel.ru/logo/ Frame 9587	67 KB 67 KB	201ms 200ms	Image image/gif	2606:4700:20::ac43:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://avp.travel.ru/logo/banner_vetreno.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08138d0e3e8bd91b6279ff42079e13d6e2fe2afa104e0615f6e90882d96fd8f8` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/AVP_99.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 06 Sep 2022 12:14:55 GMT cf-cache-status MISS last-modified Thu, 29 Dec 2016 15:51:36 GMT server cloudflare etag "58653108-10b68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ6B5Nxxs7lki%2Fzf5Diq8Wv9We24dr%2B94JcuvU98EhKOCqm%2FBwkN%2BwJ%2BG7G5q7Qk3iiCakYZc3csiGz1EI3rmw8aGLgCWpoF0Zk8lGE3TbJp5tPSAUEz%2BbITb4ZH3jyQQaAqbJGBcPG51t8%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=2678400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7467208b4c5bbb59-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 68456
GET		key.gif on.wplus.net/powerteam/ Frame 9587	0 0

GET H2	404	ver88x31a.gif www.alltrains.ru/images/ Frame 9587	0 0	196ms 44ms	Image text/html	2a00:15f8:a000:5:1:12:2:9490 MASTERHOST-AS Moscow
General Check archive.org Show headers Download Go to Show image Full URL https://www.alltrains.ru/images/ver88x31a.gif Requested by Host: avp.travel.ru URL: https://avp.travel.ru/AVP_99.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:15f8:a000:5:1:12:2:9490 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://avp.travel.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: on.wplus.net
URL: https://on.wplus.net/powerteam/key.gif

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://avp.travel.ru/ugol_avp.htm Message: Mixed Content: The page at 'https://avp.travel.ru/ugol_avp.htm' was loaded over HTTPS, but requested an insecure element 'http://img.travel.ru/n/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avp.travel.ru/ugol_avp.htm(Line 24) Message: Mixed Content: The page at 'https://avp.travel.ru/ugol_avp.htm' was loaded over HTTPS, but requested an insecure element 'http://img.travel.ru/n/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avp.travel.ru/AVP_99.htm(Line 1186) Message: Mixed Content: The page at 'https://avp.travel.ru/AVP_99.htm' was loaded over HTTPS, but requested an insecure element 'http://img.travel.ru/n/logo.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avp.travel.ru/AVP_99.htm(Line 1186) Message: Mixed Content: The page at 'https://avp.travel.ru/AVP_99.htm' was loaded over HTTPS, but requested an insecure element 'http://on.wplus.net/powerteam/key.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://avp.travel.ru/AVP_99.htm Message: Mixed Content: The page at 'https://avp.travel.ru/AVP_99.htm' was loaded over HTTPS, but requested an insecure element 'http://www.alltrains.ru/images/ver88x31a.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://on.wplus.net/powerteam/key.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.alltrains.ru/images/ver88x31a.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avp.travel.ru
img.travel.ru
on.wplus.net
www.alltrains.ru
on.wplus.net
2606:4700:20::ac43:4aab
2a00:15f8:a000:5:1:12:2:9490
08138d0e3e8bd91b6279ff42079e13d6e2fe2afa104e0615f6e90882d96fd8f8
3db03762deca9a96d395fb50da0426dc038cda1435611b9691f576f74c73593f
79ea37dd26353c863095489007103003db672660f6d960961e75b925a5bc740f
7e8ddb18835b38142eb61541b46fb7693d71809774577888a0e557581fefd3cc
8ce1049678c8813ea741bf31caea7deb3413ac7ae95c67bdb833abc7679122e3
af0ab2934518c3ef0705c71ae6f79c84a5281ad0dc704ae9c9880c2f59e3987d
b263b53c2cf9865fbfef3544c0168fa26404681c6e8ac669f429982968ddb791
b47258b33e9749c1951b629a90009af6e62ae986c16bdb8723a2113ef2268a4b
b4c14ce9498275f643b9dbb19795c2d344e07fc2b9ecfad93404f6171218bff6
b4d1b80e525d5c0274899e240920c4fb83366c7feea4b7aafaa14d15b24325fa
dae6e7cdd5196377978ca42045614b8c1cf2cb97a5c1f6175a5951174c5d8fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9897df02eb53186ac9f9cf7fbd5bdb771634c06bb7fe1067314faa83f226580
f0c928be2022fea94ce296850a9cd7ab6ef1ca5fafb265c080daa5d33bc3b72a

avp.travel.ru Open in urlscan Pro 2606:4700:20::ac43:4aab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

94 %HTTPS

100 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

146 kBTransfer

203 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

avp.travel.ru Open in urlscan Pro
2606:4700:20::ac43:4aab Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

146 kB
Transfer

203 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions