URL: https://www.booking.pl.ivao.aero/
Submission: On August 13 via automatic, source certstream-suspicious — Scanned from PL

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 152.228.161.65, located in France and belongs to OVH, FR. The main domain is www.booking.pl.ivao.aero.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.
This is the only time www.booking.pl.ivao.aero was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 152.228.161.65 16276 (OVH)
1 216.58.206.42 15169 (GOOGLE)
1 51.210.248.59 16276 (OVH)
4 142.250.181.227 15169 (GOOGLE)
12 4
Apex Domain
Subdomains
Transfer
7 ivao.aero
www.booking.pl.ivao.aero
assets.br.ivao.aero
170 KB
4 gstatic.com
fonts.gstatic.com
62 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
12 3
Domain Requested by
6 www.booking.pl.ivao.aero www.booking.pl.ivao.aero
4 fonts.gstatic.com fonts.googleapis.com
1 assets.br.ivao.aero www.booking.pl.ivao.aero
1 fonts.googleapis.com www.booking.pl.ivao.aero
12 4

This site contains links to these domains. Also see Links.

Domain
wiki.ivao.aero
Subject Issuer Validity Valid
booking.pl.ivao.aero
R3
2023-08-13 -
2023-11-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
assets.br.ivao.aero
R3
2023-07-04 -
2023-10-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.booking.pl.ivao.aero/
Frame ID: CEF795CCE0B9FF06603D3004C6297D36
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Booking System

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

234 kB
Transfer

612 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.booking.pl.ivao.aero/
1 KB
524 B
Document
General
Full URL
https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.161.65 , France, ASN16276 (OVH, FR),
Reverse DNS
division.ivao.aero
Software
Apache /
Resource Hash
d2ced1fb9ab5c519f8ec0fc526f97670bc92152c454620dbc2fdd08036b5e30d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
409
content-type
text/html
date
Sun, 13 Aug 2023 21:39:10 GMT
last-modified
Sun, 13 Aug 2023 21:38:04 GMT
server
Apache
vary
Accept-Encoding
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800&family=Poppins:wght@400;500;600&family=Roboto&display=swap
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f10.1e100.net
Software
ESF /
Resource Hash
57f699832ed621404de9efb59c7fda3cc163007cb0c519072cb0b69f9ca6aabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 13 Aug 2023 21:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 13 Aug 2023 21:39:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Aug 2023 21:39:10 GMT
main.c4097405.js
www.booking.pl.ivao.aero/static/js/
398 KB
111 KB
Script
General
Full URL
https://www.booking.pl.ivao.aero/static/js/main.c4097405.js
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.161.65 , France, ASN16276 (OVH, FR),
Reverse DNS
division.ivao.aero
Software
Apache /
Resource Hash
b0cc56762d73d4f33a665764bad2f9818054fcc36ebd822991a69617bef2b264

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:39:10 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 21:38:12 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
113651
main.c133be9f.css
www.booking.pl.ivao.aero/static/css/
25 KB
6 KB
Stylesheet
General
Full URL
https://www.booking.pl.ivao.aero/static/css/main.c133be9f.css
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.161.65 , France, ASN16276 (OVH, FR),
Reverse DNS
division.ivao.aero
Software
Apache /
Resource Hash
a5239edd1b611affda2d16fafe136d5d5579312716104632ace2f9e6cf65fa22

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:39:10 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 21:38:07 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5707
412.290c9a4e.chunk.js
www.booking.pl.ivao.aero/static/js/
1 KB
747 B
Script
General
Full URL
https://www.booking.pl.ivao.aero/static/js/412.290c9a4e.chunk.js
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/static/js/main.c4097405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.161.65 , France, ASN16276 (OVH, FR),
Reverse DNS
division.ivao.aero
Software
Apache /
Resource Hash
9f9b13a746ee95e94e1e870b3221b3ebd32552494101e7d48a8c1b7b70e968e7

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:39:11 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 21:38:09 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
668
kronos_light.svg
assets.br.ivao.aero/logos/
16 KB
16 KB
Image
General
Full URL
https://assets.br.ivao.aero/logos/kronos_light.svg
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.210.248.59 , France, ASN16276 (OVH, FR),
Reverse DNS
divisions.ivao.aero
Software
nginx / PleskLin
Resource Hash
df0cf3491907741c0ecce33a3c18eae8f24c45c7acc78a24fa813b77260a670b

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:39:11 GMT
last-modified
Tue, 25 Oct 2022 23:39:32 GMT
server
nginx
etag
"635873b4-3f96"
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
16278
crying_face.fb9b1c2050601f05bf315f1aaf590136.svg
www.booking.pl.ivao.aero/static/media/
2 KB
725 B
Image
General
Full URL
https://www.booking.pl.ivao.aero/static/media/crying_face.fb9b1c2050601f05bf315f1aaf590136.svg
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.161.65 , France, ASN16276 (OVH, FR),
Reverse DNS
division.ivao.aero
Software
Apache /
Resource Hash
a617ce3f36c6f79ec9958f175766fbe72fac7f5425ee283e2f0f6e05603bf7d5

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:39:11 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 21:38:13 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
658
cookies.e0585df145de3113e62496bb2e639489.svg
www.booking.pl.ivao.aero/static/media/
96 KB
35 KB
Image
General
Full URL
https://www.booking.pl.ivao.aero/static/media/cookies.e0585df145de3113e62496bb2e639489.svg
Requested by
Host: www.booking.pl.ivao.aero
URL: https://www.booking.pl.ivao.aero/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.161.65 , France, ASN16276 (OVH, FR),
Reverse DNS
division.ivao.aero
Software
Apache /
Resource Hash
39be0c3f5fe6da43e056c9d46d03d500d2d4e112253c38205872f8475b71e6a6

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.booking.pl.ivao.aero/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 21:39:11 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 21:38:13 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
36189
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800&family=Poppins:wght@400;500;600&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.booking.pl.ivao.aero
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 04:08:39 GMT
x-content-type-options
nosniff
age
322232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 04:08:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800&family=Poppins:wght@400;500;600&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.booking.pl.ivao.aero
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 04:06:52 GMT
x-content-type-options
nosniff
age
235939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 04:06:52 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800&family=Poppins:wght@400;500;600&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.booking.pl.ivao.aero
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 13 Aug 2023 00:14:41 GMT
x-content-type-options
nosniff
age
77070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:14:41 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800&family=Poppins:wght@400;500;600&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.booking.pl.ivao.aero
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 19:33:17 GMT
x-content-type-options
nosniff
age
180354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 19:33:17 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkfront object| regeneratorRuntime

0 Cookies