urlscan.io logo urlscan.io
SecurityTrails logo

avito-mob.net Open in urlscan Pro
54.38.195.221  Public Scan

Go To Rescan Add Verdict Report
URL: https://avito-mob.net/error.php
Submission: On October 01 via manual
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 54.38.195.221, located in Poland and belongs to OVH, FR. The main domain is avito-mob.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 17th 2020. Valid for: 3 months.
This is the only time avito-mob.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 54.38.195.221 16276 (OVH)
3 1
Apex Domain
Subdomains		 Transfer
3 avito-mob.net
avito-mob.net
8 KB
3 1
Domain Requested by
3 avito-mob.net avito-mob.net
3 1

This site contains no links.

Subject Issuer Validity Valid
avito-mob.net
Let's Encrypt Authority X3		 2020-09-17 -
2020-12-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://avito-mob.net/error.php
Frame ID: D3DE1AD279D597EE37A7723D35EFE7E4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://avito-mob.net/error.php Page URL
  2. https://avito-mob.net/error.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

8 kB
Transfer

7 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://avito-mob.net/error.php Page URL
  2. https://avito-mob.net/error.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
error.php
avito-mob.net/ 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://avito-mob.net/error.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.195.221 , Poland, ASN16276 (OVH, FR),
Reverse DNS
antiddos.liquidy.site
Software
/
Resource Hash
d3966c2b51e5fddf37f03e396239bc0b0a1677866d7dd86def8d99fadd1bf3c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
avito-mob.net
:scheme
https
:path
/error.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
503
date
Thu, 01 Oct 2020 20:12:11 GMT
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
x-xss-protection
1; mode=block
set-cookie
KTlfO5iosvOc5snqnu4R2tibuns=1XaPtWJRuphiFeWWnc39ut0xxR4; path=/; expires=Thu, 01-Oct-20 21:11:32 GMT; Max-Age=3600; vb-I4bxTZ1zTa69zc2qmzrGN12w=1601583092; path=/; expires=Thu, 01-Oct-20 21:11:32 GMT; Max-Age=3600; Vz5S3zobFpXjGbapZ9LunpOYjuE=1601586692; path=/; expires=Thu, 01-Oct-20 21:11:32 GMT; Max-Age=3600; KrEkKIrSNV0n-_BkjkWMGHgvx7A=2ZL18r_Rq6tUjKUMjx_pzQ9a5Gc; path=/; expires=Thu, 01-Oct-20 21:11:32 GMT; Max-Age=3600;
x-frame-options
SAMEORIGIN
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
0
x-anti-ddos
@liquidy_myr
error.php
avito-mob.net/ 		0
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avito-mob.net/error.php
Requested by
Host: avito-mob.net
URL: https://avito-mob.net/error.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.195.221 , Poland, ASN16276 (OVH, FR),
Reverse DNS
antiddos.liquidy.site
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
Referer
https://avito-mob.net/error.php
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
cvd8pIkwayrzbBaIjTIa1dDzW4
50292950
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
93WwaKZt2gbX0GpVWXorEpsAJM
Fk7kxLf3Ep-lmCHlYxSqtJtlIw8

Response headers

pragma
no-cache
date
Thu, 01 Oct 2020 20:12:13 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
status
204
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-xss-protection
1; mode=block
expires
0
Primary Request error.php
avito-mob.net/ 		552 B
672 B 		Document
General
Check archive.org
Download Go to
Full URL
https://avito-mob.net/error.php
Requested by
Host: avito-mob.net
URL: https://avito-mob.net/error.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.195.221 , Poland, ASN16276 (OVH, FR),
Reverse DNS
antiddos.liquidy.site
Software
/
Resource Hash
ba06358e68429145a15d0c1cfb211cb1b82680ef0a0b3efa376c68e9c1e4ea03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
avito-mob.net
:scheme
https
:path
/error.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://avito-mob.net/error.php
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KTlfO5iosvOc5snqnu4R2tibuns=1XaPtWJRuphiFeWWnc39ut0xxR4; vb-I4bxTZ1zTa69zc2qmzrGN12w=1601583092; Vz5S3zobFpXjGbapZ9LunpOYjuE=1601586692; KrEkKIrSNV0n-_BkjkWMGHgvx7A=2ZL18r_Rq6tUjKUMjx_pzQ9a5Gc; XvhV13HoIwkqhrh852QaL78tIJk=eOT3ckCcK_ZNZMBydFHN0SdRPak; TrY5PsrKaSvubBmHWqLAVzXmTL4=1601583133; G3fBSZ4nov1N7yk2EeKXv9MYRy4=1601586733; Vx1U_onpnpd0t0BC-zg7l9-yumk=eco4R_STeBxW0NjWf8yeji4-AGc; pEcBOmRGHLt_m5-kWbMq3jr7qdg=xVAuJ5YJIzxcmzomrmOoWtdOTkE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://avito-mob.net/error.php

Response headers

status
403
date
Thu, 01 Oct 2020 20:12:13 GMT
content-type
text/html; charset=utf8
content-length
552
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

9 Cookies

Domain/Path Name / Value
avito-mob.net/ Name: pEcBOmRGHLt_m5-kWbMq3jr7qdg
Value: xVAuJ5YJIzxcmzomrmOoWtdOTkE
avito-mob.net/ Name: TrY5PsrKaSvubBmHWqLAVzXmTL4
Value: 1601583133
avito-mob.net/ Name: XvhV13HoIwkqhrh852QaL78tIJk
Value: eOT3ckCcK_ZNZMBydFHN0SdRPak
avito-mob.net/ Name: KrEkKIrSNV0n-_BkjkWMGHgvx7A
Value: 2ZL18r_Rq6tUjKUMjx_pzQ9a5Gc
avito-mob.net/ Name: Vz5S3zobFpXjGbapZ9LunpOYjuE
Value: 1601586692
avito-mob.net/ Name: Vx1U_onpnpd0t0BC-zg7l9-yumk
Value: eco4R_STeBxW0NjWf8yeji4-AGc
avito-mob.net/ Name: vb-I4bxTZ1zTa69zc2qmzrGN12w
Value: 1601583092
avito-mob.net/ Name: G3fBSZ4nov1N7yk2EeKXv9MYRy4
Value: 1601586733
avito-mob.net/ Name: KTlfO5iosvOc5snqnu4R2tibuns
Value: 1XaPtWJRuphiFeWWnc39ut0xxR4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avito-mob.net
54.38.195.221
ba06358e68429145a15d0c1cfb211cb1b82680ef0a0b3efa376c68e9c1e4ea03
d3966c2b51e5fddf37f03e396239bc0b0a1677866d7dd86def8d99fadd1bf3c5