urlscan.io logo urlscan.io
SecurityTrails logo

avaray.app Open in urlscan Pro
34.90.126.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://avaray.app/
Submission: On May 21 via api from BE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 34.90.126.209, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is avaray.app.
TLS certificate: Issued by R3 on May 19th 2024. Valid for: 3 months.
This is the only time avaray.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 34.90.126.209 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.92.1.240 16509 (AMAZON-02)
9 3
Apex Domain
Subdomains		 Transfer
6 avaray.app
avaray.app
776 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 amazonaws.com
s3.eu-west-1.amazonaws.com
4 KB
9 3
Domain Requested by
6 avaray.app avaray.app
2 fonts.googleapis.com avaray.app
1 s3.eu-west-1.amazonaws.com
9 3

This site contains no links.

Subject Issuer Validity Valid
avaray.app
R3		 2024-05-19 -
2024-08-17		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.s3-eu-west-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-31 -
2025-01-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://avaray.app/
Frame ID: 65756E7CE3AA436E820DB86F093A6196
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hôtel d'Avaray

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

782 kB
Transfer

2533 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
avaray.app/ 		1 KB
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.126.209 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.126.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2346ca54fad6a0c24f556436b890c958ed0dfdba83ee1e036e34ceabae3758a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 21 May 2024 09:05:16 GMT
etag
W/"6259af6c-4d3"
last-modified
Fri, 15 Apr 2022 17:46:20 GMT
server
nginx
strict-transport-security
max-age=15724800; includeSubdomains
vary
Accept-Encoding
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 May 2024 09:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 May 2024 09:05:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 May 2024 09:05:19 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf272a1d8385b4ce627ac1474a8998e3bff240374f0f9ef8a339664513158710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 May 2024 09:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 May 2024 08:31:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 May 2024 09:05:19 GMT
app.js
avaray.app/ 		2 MB
508 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://avaray.app/app.js
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.126.209 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.126.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
075c35344c763fb1371d1707731902a4827143c3fc5b4a1b1ec0db75d280768f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 09:05:17 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 17:46:20 GMT
server
nginx
etag
W/"6259af6c-1f27fd"
vary
Accept-Encoding
content-type
application/javascript
residentie.svg
avaray.app/images/ 		423 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avaray.app/images/residentie.svg
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.126.209 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.126.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a795a4bb4489742c98ed94066250b3ec0b274f014c84ec1b849423d60f5e2181
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 09:05:20 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 17:46:20 GMT
server
nginx
etag
W/"6259af6c-69b48"
vary
Accept-Encoding
content-type
image/svg+xml
wapen.svg
avaray.app/images/ 		37 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avaray.app/images/wapen.svg
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.126.209 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.126.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4397111f1661f571e25508fbc95ee98ed7c3d5c8161d72b8fee0572f50102f76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 09:05:20 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
gzip
last-modified
Fri, 15 Apr 2022 17:46:20 GMT
server
nginx
etag
W/"6259af6c-92aa"
vary
Accept-Encoding
content-type
image/svg+xml
SofiaProBold.woff
avaray.app/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://avaray.app/fonts/SofiaProBold.woff
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.126.209 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.126.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f95fbf83f266c612159369093c4c6f1e9c2b18ee10cc2ad2f2fd493864e930f3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Origin
https://avaray.app
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 09:05:20 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Fri, 15 Apr 2022 17:46:20 GMT
server
nginx
etag
"6259af6c-a1e0"
content-type
font/woff
accept-ranges
bytes
content-length
41440
SofiaProRegular.woff
avaray.app/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://avaray.app/fonts/SofiaProRegular.woff
Requested by
Host: avaray.app
URL: https://avaray.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.90.126.209 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.126.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d55ec867eac49b380bd4e63ee74c27c3bd1dd075dd146de2295702bd6857744e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Origin
https://avaray.app
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 09:05:20 GMT
strict-transport-security
max-age=15724800; includeSubdomains
last-modified
Fri, 15 Apr 2022 17:46:20 GMT
server
nginx
etag
"6259af6c-6f04"
content-type
font/woff
accept-ranges
bytes
content-length
28420
818341b3-345f-4a6d-bde0-190619c76377-200x200.jpg
s3.eu-west-1.amazonaws.com/bsqd-out/image/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s3.eu-west-1.amazonaws.com/bsqd-out/image/818341b3-345f-4a6d-bde0-190619c76377-200x200.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.1.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
17a392869c31279c1297621021f67f858d9b33475cff6639eb41e7e7ab3a2de1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://avaray.app/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 21 May 2024 09:05:22 GMT
Last-Modified
Mon, 10 Dec 2018 16:12:04 GMT
Server
AmazonS3
x-amz-request-id
Y44M0BY2N2X3BJB5
ETag
"94cd618a471649b8be08ca2e5d3d336a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3707
x-amz-id-2
H+39BTI3kdU92DJkXoX6MbS0eDiqSzGcHlM1rhJeSnnEKibGCFofVpkrCmVnoJvVzCv/eU+hNaI=

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Phoenix number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ object| serviceWorkerRegistration

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubdomains