airlst.app
Open in
urlscan Pro
18.244.18.12
Public Scan
Effective URL: https://airlst.app/users/auth/login
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On March 31 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on December 28th 2023. Valid for: a year.
This is the only time airlst.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 18.244.18.12 18.244.18.12 | 16509 (AMAZON-02) (AMAZON-02) | |
17 | 18.245.60.38 18.245.60.38 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 35.186.247.156 35.186.247.156 | 15169 (GOOGLE) (GOOGLE) | |
19 | 3 |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-12.fra56.r.cloudfront.net
airlst.app |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-38.fra60.r.cloudfront.net
assets.airlst.app |
ASN15169 (GOOGLE, US)
PTR: 156.247.186.35.bc.googleusercontent.com
us.sentry.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
airlst.app
1 redirects
airlst.app assets.airlst.app |
796 KB |
1 |
sentry.io
us.sentry.io — Cisco Umbrella Rank: 26475 |
324 B |
19 | 2 |
Domain | Requested by | |
---|---|---|
17 | assets.airlst.app |
airlst.app
assets.airlst.app |
2 | airlst.app | 1 redirects |
1 | us.sentry.io |
assets.airlst.app
|
19 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.airlst.com |
airlst.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
airlst.app Amazon RSA 2048 M02 |
2023-12-28 - 2025-01-25 |
a year | crt.sh |
sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-08-08 - 2024-09-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://airlst.app/users/auth/login
Frame ID: F631EC0D6275ACE484733FC00181A6F3
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
AirLST - LoginPage URL History Show full URLs
-
https://airlst.app/
HTTP 302
https://airlst.app/users/auth/login Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: AirLST GmbH
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://airlst.app/
HTTP 302
https://airlst.app/users/auth/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
airlst.app/users/auth/ Redirect Chain
|
214 KB 216 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-SjAG9rfy.css
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
108 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-Bemcmpz5.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
573 KB 177 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login-BqRhybZB.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppHead-BWFqtr1L.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
704 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AuthFooter-BtOm7m3E.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Captcha-gfJ6CCtd.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pusher-CMKt97kn.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
62 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/images/ |
1 KB 2 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-D37ub8u2.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
303 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
us.sentry.io/api/4504605608640512/envelope/ |
2 B 324 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-8ZCnQ_Hr.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
100 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.es-DwFg9v09.js
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
68 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de-DE.gif
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/images/flags/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-black.png
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/images/ |
38 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google.svg
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/images/ |
1 KB 1021 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.svg
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/images/ |
776 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-cloud-main.png
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Montserrat-VariableFont_wght-BX21VzKy.ttf
assets.airlst.app/5fb41f3f-3833-4299-b778-3fd4c6e63b51/build/assets/ |
385 KB 147 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal function| route object| _translations object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ function| Pusher object| __SENTRY__ object| FontAwesomeConfig object| ___FONT_AWESOME___2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
airlst.app/ | Name: XSRF-TOKEN Value: eyJpdiI6Ii9WR2xwUTYwenE5YTBqZjRIcEF2dlE9PSIsInZhbHVlIjoiRHhrT2NoNkVuMzRrU3FwRWJ3QmZCcTBoT3kvOS9DU1Qvd2dNbEpEeXdVN1I3bjFOdWwyckpBd1VsTFFwcDBzMW5yM1g4MEk0V3lwaEd2RGJGSVRXNlVhVWhVOXBpTHdHTUQyTVBIL1hWMGIrUEpLR3NNdnN4YlA5Z2JIV0Q3RkMiLCJtYWMiOiIzMjQxOTVmOTU1NjVjM2ZlNzVhNTc3MDU1MGIyODg1MTRiYjgwNjM3NWM5ZTBkMjBmYmNjOGE1M2VjNGZjODBhIiwidGFnIjoiIn0%3D |
|
airlst.app/ | Name: airlst_guest_solutions_session Value: eyJpdiI6IkpZSkZ1djVjUGVRUmpZUnZpQll6Snc9PSIsInZhbHVlIjoiWUZmMHp0VitON3ZSdWJHME5GWlNObndkSDlCT3d6Yis4ODErYW5PbkxicWpxRnk5RThFQmQ1ejdQUHFnMGtheFZ0eXJKdGZnaGVkMHBRaDV6N3NuRGoxeklsNTAzSVF2VkdyVWJKanA1MzhYdlVOWmp6QTNUNmhLaUZjRTJzY0YiLCJtYWMiOiI3NWY1NTRlMjRmZmM4ZmE4NTRhOTk2YWFjMWEwMDI1ZmUzNDU3NjIyMmEzMTM3OWQ1NTE1OWMwOGQ5ZDVhZmU1IiwidGFnIjoiIn0%3D |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | base-uri 'self';default-src 'self';frame-src 'self' centerstage.airlst.app seating.airlst.app support.airlst.app app.getbee.io data: blob:;connect-src 'self' centerstage.airlst.app seating.airlst.app assets.airlst.app wss://ws.airlst.io support.airlst.app core-airlst.s3.eu-central-1.amazonaws.com us.sentry.io;form-action 'self';img-src 'self' data: assets.airlst.app *.cloudfront.net core-airlst.s3.eu-central-1.amazonaws.com core-beefree.s3.amazonaws.com app-rsrc.getbee.io;media-src 'self';object-src 'none';script-src 'self' assets.airlst.app support.airlst.app app-rsrc.getbee.io loader.getbee.io 'unsafe-inline' 'unsafe-eval';style-src 'self' assets.airlst.app support.airlst.app fonts.googleapis.com 'unsafe-inline';font-src 'self' data: assets.airlst.app fonts.gstatic.com;report-uri https://airlst.app/security/csp-report;report-to csp-endpoint |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
airlst.app
assets.airlst.app
us.sentry.io
18.244.18.12
18.245.60.38
35.186.247.156
10ca3220e2df12d4a9116e40d7a55bc0aaad6c8a36e81f787c08df39ba6188a2
158f5111a27013bc3a48d1f8a9e44f2b370d5be513ca0e7dd6f48ccd4062754a
2ab88d591e2f1b5e238d1093b6684f04de052a58dbacfd137773c5e7a4125ee3
338d520b526dca8289b142ffc063d17668e3a510de388ffe75f12aa7f220c461
39bd1683859b26a85976c1e353ca40019d43b434f16c9f88310c1cca347060db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44d36e692e2c5001ab17a457183223de449f7b1e02fa8b3f781070524cef905d
4aa8fc23c9710a333ffcc62c4ec8d05c15c3a0f6467b912cf390bb732d1a0226
871c4ab0ab69e12d411d286e28256510234cf0f73b2be700d9447c0d1e579e39
8b36c275afe0237230a7d998a16c67c016f65c6541adce519b1454c5bc446491
8d7aa3b3174a4d55b957c97849e80038b365ae2396b1326c87d83ed5a68e0ea8
9da12fda4c51268237a22ea358bfda474f1bf4fff503981653d265799f03fa2e
a4fe82b4bfd40c71320ab0f1daca8ba2f230b55a56ffa94d5d1b349675b70d73
a9dbe35938ff1d724d747314316704f92e6153d7a3b7a5838a452f599247ce85
b69c5e1a63277026621d04021a3010c12ad3b13e971aa036941f8fc0429d0137
b9ecbc5745205b3601cc94c7a6465bb42adbf3cf23889874f18c9b928b2fa3c6
d0e03f449df3c711d75c22d506cbd756164bdf137cd91b0b1f28698658126c6d
dc83c0efc3482aa0a53b5156fccf0bdc6b138190022a1a45d38b33b0a3341122
dd7d79a5f48d38b78690c65e0988409a98d0a99bb746665f18adbb542ea6b88a