flight.safesafarltd.co.uk
Open in
urlscan Pro
18.134.251.57
Public Scan
Effective URL: https://flight.safesafarltd.co.uk/login
Submission: On July 11 via automatic, source certstream-suspicious — Scanned from GB
Summary
TLS certificate: Issued by E5 on July 11th 2024. Valid for: 3 months.
This is the only time flight.safesafarltd.co.uk was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 5 | 18.134.251.57 18.134.251.57 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6812:ba1f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.21.234.234 104.21.234.234 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 52.95.142.26 52.95.142.26 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 4 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-251-57.eu-west-2.compute.amazonaws.com
flight.safesafarltd.co.uk |
ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com
travnet-cart-tenancy-bucket.s3.eu-west-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
safesafarltd.co.uk
2 redirects
flight.safesafarltd.co.uk |
494 KB |
2 |
amazonaws.com
travnet-cart-tenancy-bucket.s3.eu-west-2.amazonaws.com |
17 KB |
2 |
rsms.me
rsms.me — Cisco Umbrella Rank: 25152 |
340 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423 |
9 KB |
8 | 4 |
Domain | Requested by | |
---|---|---|
5 | flight.safesafarltd.co.uk |
2 redirects
flight.safesafarltd.co.uk
|
2 | travnet-cart-tenancy-bucket.s3.eu-west-2.amazonaws.com |
flight.safesafarltd.co.uk
|
2 | rsms.me |
flight.safesafarltd.co.uk
rsms.me |
1 | cdn.jsdelivr.net |
flight.safesafarltd.co.uk
|
8 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
uk.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
flight.safesafarltd.co.uk E5 |
2024-07-11 - 2024-10-09 |
3 months | crt.sh |
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA |
2024-05-04 - 2025-05-04 |
a year | crt.sh |
rsms.me WE1 |
2024-06-23 - 2024-09-21 |
3 months | crt.sh |
*.s3.eu-west-2.amazonaws.com Amazon RSA 2048 M01 |
2024-06-12 - 2025-06-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://flight.safesafarltd.co.uk/login
Frame ID: 671B656CDC50BE3D14A1F0DA587849FA
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Safe SafarPage URL History Show full URLs
-
https://flight.safesafarltd.co.uk/
HTTP 302
https://flight.safesafarltd.co.uk/settings/application HTTP 302
https://flight.safesafarltd.co.uk/login Page URL
Detected technologies
Alpine.js (JavaScript frameworks) ExpandDetected patterns
- /alpine(?:\.min)?\.js
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://flight.safesafarltd.co.uk/
HTTP 302
https://flight.safesafarltd.co.uk/settings/application HTTP 302
https://flight.safesafarltd.co.uk/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
flight.safesafarltd.co.uk/ Redirect Chain
|
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
flight.safesafarltd.co.uk/js/ |
671 KB 130 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
flight.safesafarltd.co.uk/css/ |
4 MB 358 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.x.x/dist/ |
26 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
inter.css
rsms.me/inter/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7826af86-b5d1-4446-a0d1-5bfd393f78f2_logo%20%283%29.png
travnet-cart-tenancy-bucket.s3.eu-west-2.amazonaws.com/tenant_uploads/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
InterVariable.woff2
rsms.me/inter/font-files/ |
337 KB 338 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7826af86-b5d1-4446-a0d1-5bfd393f78f2_icon-150x150.png
travnet-cart-tenancy-bucket.s3.eu-west-2.amazonaws.com/tenant_uploads/ |
9 KB 9 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunk function| _ function| axios object| Alpine2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
flight.safesafarltd.co.uk/ | Name: XSRF-TOKEN Value: eyJpdiI6Ik50d000cS8vYTVpZm5RUFd1ZERPMEE9PSIsInZhbHVlIjoiakxsWnVrdkxsMElqQndDNlJQZlpwRjBlL045TzJDSlJES0tIbnRSamZOZ0tqYzVuTHJZRGRNd08yRGlWUk1EOTZHVk1PVlJubFgvanNhMGJuMXgzb2xlKzVtcmpnYjUrQVdzRUQwQ3AyRUM0cDlVM3dGZmtKK0pHL2pJQ1RFb0IiLCJtYWMiOiI0MGEzN2NkYzk1MGY4MGNhMGUyNTNlMmRhNmIzYjYwMjM3YzEyMjgyN2JkMzE2MTEyZmQ1NmZkZDgyNjBjY2JlIiwidGFnIjoiIn0%3D |
|
flight.safesafarltd.co.uk/ | Name: travnet_tech_session Value: eyJpdiI6IlRYZmxkVmtYMTU4ais4Y1dPV09VVFE9PSIsInZhbHVlIjoiVWdNQXNLQWZ4YjJOWTMvY3ByVHdqR05YOXJPSm5xR1BXS0FSSkJoZVhRWU5lT2c5MGlidDk5aHliUktWeVBYN1BwM2ZFVFVMeGRjQzllR0RkZFZjWEs0ZkxTVDJDa1Zwd0doZ1cxRVlURXhFNzMyRmRINWxlTWNnekZZL3Q0N0MiLCJtYWMiOiJjZjkzOWVlOGQ2NGRjZDU4YThmM2RkMjA1NTZlZDQxNjhhODcyYzVmY2IwM2JkYWVkNTFmZDZiZDI5MWUzZGZhIiwidGFnIjoiIn0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
flight.safesafarltd.co.uk
rsms.me
travnet-cart-tenancy-bucket.s3.eu-west-2.amazonaws.com
104.21.234.234
18.134.251.57
2606:4700::6812:ba1f
52.95.142.26
1918404789c94a0576b199c76ab13000c10d4e3b4754f2c17fe3fafbea8f0bdb
2eefdadf96853bc561f590e577ddfc4cc3269156fcc252aaae1e101aae05de1a
3ff8f5cdab2276015c60249036b20f842dc29d5e8275920eadf886cb39fbe5ee
40861e2c026633e216f7367327d6a13070dd9fef087f0e63501ad0046a144623
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
989668bef6f65b5ae7f6d6469d4f0e0bc4f666dd056902f0383c616e62a3d678
d8827be28306cf93c85e6569217eabacb1a73b1d9695a34808be8e0763c7dc48