aht22.bookeddirectly.com Open in urlscan Pro
54.73.26.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aht22.ee/
Effective URL:
https://aht22.bookeddirectly.com/g/
Submission: On April 17 via api (April 17th 2024, 11:21:24 am UTC) from LU — Scanned from FI

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 54.73.26.109, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is aht22.bookeddirectly.com.
TLS certificate: Issued by R3 on February 13th 2024. Valid for: 3 months.

This is the only time aht22.bookeddirectly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	217.64.46.117 217.64.46.117	39324 (MEDIAM-AS) (MEDIAM-AS)
1	54.73.26.109 54.73.26.109	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:223... 2600:9000:223f:400:16:6756:7840:21	() ()
2	151.101.66.133 151.101.66.133	() ()
1	2600:9000:223... 2600:9000:223c:bc00:1e:df23:9e40:21	() ()
16	6

2 217.64.46.117 (Helsinki, Finland)

ASN39324 (MEDIAM-AS, FI)
PTR: srv-o117.hel.mediateam.fi

aht22.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.26.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

aht22.bookeddirectly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:223f:400:16:6756:7840:21 (None, )

ASN- ()

d2rh7yeab97r35.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (None, )

ASN- ()

cdn.filestackcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:bc00:1e:df23:9e40:21 (None, )

ASN- ()

d21py1zpo0yxkp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudfront.net d2rh7yeab97r35.cloudfront.net d21py1zpo0yxkp.cloudfront.net	83 KB
2	filestackcontent.com cdn.filestackcontent.com	50 KB
2	aht22.ee aht22.ee	772 B
1	bookeddirectly.com aht22.bookeddirectly.com	20 KB
0	rollbar.com Failed cdn.rollbar.com Failed
16	5

	Domain	Requested by
7	d2rh7yeab97r35.cloudfront.net	aht22.bookeddirectly.com d2rh7yeab97r35.cloudfront.net
2	cdn.filestackcontent.com	aht22.bookeddirectly.com
2	aht22.ee
1	d21py1zpo0yxkp.cloudfront.net	d2rh7yeab97r35.cloudfront.net
1	aht22.bookeddirectly.com
0	cdn.rollbar.com Failed	aht22.bookeddirectly.com
16	6

This site contains no links.

Subject Issuer	Validity	Valid
*.aht22.ee R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
bookeddirectly.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.filestackcontent.com R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aht22.bookeddirectly.com/g/
Frame ID: 1B869660984635BCB3CB87DCDADCF87B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://aht22.ee/ Page URL
https://aht22.bookeddirectly.com/g/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

16
Requests

69 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

154 kB
Transfer

1042 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aht22.ee/ Page URL
https://aht22.bookeddirectly.com/g/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
aht22.ee/ 423 B
407 B 494ms
33ms Document
text/html 217.64.46.117
MEDIAM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aht22.ee/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.64.46.117 Helsinki, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS: srv-o117.hel.mediateam.fi
Software: Apache/2 /
Resource Hash: 23419a40a34fa65112947710ccc3a13d57fcee20095cba69bf6203a613cb021f

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 261
content-type: text/html
date: Wed, 17 Apr 2024 11:21:20 GMT
etag: "1a7-5fc440375afd9-gzip"
last-modified: Mon, 22 May 2023 08:25:29 GMT
server: Apache/2
vary: Accept-Encoding,User-Agent

GET
H2 404 favicon.ico
aht22.ee/ 315 B
365 B 32ms
31ms Other
text/html 217.64.46.117
MEDIAM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aht22.ee/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.64.46.117 Helsinki, Finland, ASN39324 (MEDIAM-AS, FI),
Reverse DNS: srv-o117.hel.mediateam.fi
Software: Apache/2 /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://aht22.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 17 Apr 2024 11:21:20 GMT
server: Apache/2
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK Primary Request / Show response
aht22.bookeddirectly.com/g/ 17 KB
20 KB 323ms
136ms Document
text/html 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aht22.bookeddirectly.com/g/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

Cowboy /

Resource Hash

dbdba0d120f9e0a8eb08806029cc2ba3195b4b46425cef2d8b7433cabcad7380

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://intercom.help https://api-iam.intercom.io https://verify.stripe.com; frame-ancestors 'self' www.gamlastanapartments.com gamlastanapartments.com www.margaretriverproperties.com.au app.directbookingtools.com www.aldartonluxuryhomes.co.uk; base-uri 'self'; default-src 'none'; script-src 'self' cdn.rollbar.com 'nonce-dA9pxNkONsQWN5wVpBLiKw==' .stripe.com connect.facebook.net googleads.g.doubleclick.net www.googleadservices.com www.googletagmanager.com analytics.google.com www.google-analytics.com .googleapis.com cdnjs.cloudflare.com d2rh7yeab97r35.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; connect-src 'self' api.rollbar.com googleads.g.doubleclick.net www.googleadservices.com stats.g.doubleclick.net www.googletagmanager.com .google-analytics.com .analytics.google.com analytics.google.com maps.googleapis.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://identity.stripe.com; img-src 'self' d2rh7yeab97r35.cloudfront.net https: data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://.intercom-attachments-5.com https://.intercom-attachments-6.com https://.intercom-attachments-9.com; style-src 'self' d2rh7yeab97r35.cloudfront.net 'unsafe-inline' https:; font-src 'self' d2rh7yeab97r35.cloudfront.net fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com; object-src 'none'; child-src 'self' https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src 'self' .stripe.com https://intercom-sheets.com; media-src 'self' https://js.intercomcdn.com; manifest-src 'self' d2rh7yeab97r35.cloudfront.net;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://aht22.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 17465
Content-Security-Policy: form-action 'self' https://intercom.help https://api-iam.intercom.io https://verify.stripe.com; frame-ancestors 'self' www.gamlastanapartments.com gamlastanapartments.com www.margaretriverproperties.com.au app.directbookingtools.com www.aldartonluxuryhomes.co.uk; base-uri 'self'; default-src 'none'; script-src 'self' cdn.rollbar.com 'nonce-dA9pxNkONsQWN5wVpBLiKw==' *.stripe.com connect.facebook.net googleads.g.doubleclick.net www.googleadservices.com www.googletagmanager.com analytics.google.com www.google-analytics.com *.googleapis.com cdnjs.cloudflare.com d2rh7yeab97r35.cloudfront.net https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com; connect-src 'self' api.rollbar.com googleads.g.doubleclick.net www.googleadservices.com stats.g.doubleclick.net www.googletagmanager.com *.google-analytics.com *.analytics.google.com analytics.google.com maps.googleapis.com https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://identity.stripe.com; img-src 'self' d2rh7yeab97r35.cloudfront.net https: data: blob: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com; style-src 'self' d2rh7yeab97r35.cloudfront.net 'unsafe-inline' https:; font-src 'self' d2rh7yeab97r35.cloudfront.net fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com; object-src 'none'; child-src 'self' https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src 'self' *.stripe.com https://intercom-sheets.com; media-src 'self' https://js.intercomcdn.com; manifest-src 'self' d2rh7yeab97r35.cloudfront.net;
Content-Type: text/html; charset=utf-8
Date: Wed, 17 Apr 2024 11:21:22 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352883&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=7zXwNfJdrtueywg4klQrdCqZWZEVCs87Xgeahfg2Py8%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352883&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=7zXwNfJdrtueywg4klQrdCqZWZEVCs87Xgeahfg2Py8%3D
Server: Cowboy
Vary: Origin
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK about-a619b304dabc436c769fd61958159b8a.css
d2rh7yeab97r35.cloudfront.net/assets/g/ 115 KB
19 KB 322ms
187ms Stylesheet
text/css 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/about-a619b304dabc436c769fd61958159b8a.css
Requested by: Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 67eb07f591af803cf163cf034d26fcc38fe8f543126781108be2d7c5e754cacd

Request headers

Referer: https://aht22.bookeddirectly.com/
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:23 GMT
Via: 1.1 vegur, 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
Content-Encoding: gzip
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352883&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=1lhiut62L4%2B18f6UfqidmVi0C%2BzBZZzje%2FO0DgPH3ws%3D
Last-Modified: Tue, 16 Apr 2024 12:45:56 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352883&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=1lhiut62L4%2B18f6UfqidmVi0C%2BzBZZzje%2FO0DgPH3ws%3D"}]}
Content-Type: text/css
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: DDAJzbJW-EzWftaKmpPA-DbiYLACEDtoZnvzCzwZUGslBAtaxCtrxw==

GET
H2 200 v9z36udCSoaINjZVtad8
cdn.filestackcontent.com/ 49 KB
50 KB 273ms
147ms Image
image/png 151.101.66.133

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.filestackcontent.com/v9z36udCSoaINjZVtad8

Requested by

Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

91d3ae3ca4bf6437bc2b32dec062821a849210b2cc09bab9e81a018f595faa27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://aht22.bookeddirectly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 17 Apr 2024 11:21:24 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age: 665626
x-cache: HIT, MISS
content-disposition: inline; filename="Webp.net-resizeimage.png"
content-length: 50681
x-served-by: cache-iad-kjyo7100163-IAD, cache-ams21061-AMS
last-modified: Sun, 05 Jun 2022 20:51:12 GMT
x-timer: S1713352884.918574,VS0,VE92
etag: "564a04991ceb5841fe11906315d929bd"
x-file-name: Webp.net-resizeimage.png
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1711712216-rCZwNaOQUi
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 2, 0

GET
H2 200 XzXOmaPaRzi2neCHjQhU
cdn.filestackcontent.com/ 352 KB
0 526ms
401ms Image
image/jpeg 151.101.66.133

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.filestackcontent.com/XzXOmaPaRzi2neCHjQhU

Requested by

Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://aht22.bookeddirectly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 17 Apr 2024 11:21:24 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: default-src 'self'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'unsafe-inline';
age: 0
x-cache: MISS, MISS
content-disposition: inline; filename="Webp.net-resizeimage.jpg"
content-length: 2000262
x-served-by: cache-iad-kcgs7200114-IAD, cache-ams21061-AMS
last-modified: Sun, 05 Jun 2022 20:48:38 GMT
x-timer: S1713352884.918807,VS0,VE345
etag: "264f0a9169d093917c81ebb49cf8e73d"
x-file-name: Webp.net-resizeimage.jpg
access-control-max-age: 21600
access-control-allow-methods: DELETE, GET, HEAD, POST, PUT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-File-Name
cache-control: public, max-age=2678400
filestack-trace-id: 1713352883-XXDmLW1cTq
accept-ranges: bytes
access-control-allow-headers: Content-Type, X-No-Stream
x-cache-hits: 0, 0

GET
H/1.1 200
OK vendor-8853807630b7719729c8e3b7ba7ac1f1.js Show response
d2rh7yeab97r35.cloudfront.net/assets/g/ 181 KB
60 KB 185ms
184ms Script
application/javascript 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/vendor-8853807630b7719729c8e3b7ba7ac1f1.js
Requested by: Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: d24b050fe311b096cbfb298cab2ea6962b28865bdb9b1f2add6434b276626822

Request headers

Referer: https://aht22.bookeddirectly.com/
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:24 GMT
Via: 1.1 vegur, 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
Content-Encoding: gzip
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D
Last-Modified: Tue, 16 Apr 2024 12:46:00 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: n5mx7lREVMh8LGVUESEhtP_mg_M0D7e_9mxPj5I7_z7KRUW_3SMyYg==

GET
H/1.1 200
OK popper.min-797b9bc7bbf22fab66c2d74db7b6ed62.js
d2rh7yeab97r35.cloudfront.net/assets/g/ 11 KB
0 294ms
178ms Script
application/javascript 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/popper.min-797b9bc7bbf22fab66c2d74db7b6ed62.js
Requested by: Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Referer: https://aht22.bookeddirectly.com/
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:23 GMT
Via: 1.1 vegur, 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
Content-Encoding: gzip
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D
Last-Modified: Tue, 16 Apr 2024 12:46:05 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: wnlB6lMDWNjwpwDYHH_qNmpRwN_qxSeaNlw4Z10c1vK4LcwNt3bpOg==

GET
H/1.1 200
OK bootstrap.min-a41a12ea310027f071ad55bc5e727f11.js
d2rh7yeab97r35.cloudfront.net/assets/g/ 11 KB
0 295ms
179ms Script
application/javascript 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/bootstrap.min-a41a12ea310027f071ad55bc5e727f11.js
Requested by: Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Referer: https://aht22.bookeddirectly.com/
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:24 GMT
Via: 1.1 vegur, 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Content-Encoding: gzip
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D
Last-Modified: Tue, 16 Apr 2024 12:45:53 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: jZH_Ji61bpBcPeCxJnVNT6pMW3Rgt9sNLmRxEs7bjBBp1164FpZOhA==

GET
H/1.1 200
OK dates-picker-5c07fcb0d9dca14f44d2d3373921ee79.js
d2rh7yeab97r35.cloudfront.net/assets/g/ 4 KB
2 KB 308ms
191ms Script
application/javascript 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/dates-picker-5c07fcb0d9dca14f44d2d3373921ee79.js
Requested by: Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Referer: https://aht22.bookeddirectly.com/
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:24 GMT
Via: 1.1 vegur, 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
Content-Encoding: gzip
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D
Last-Modified: Tue, 16 Apr 2024 12:46:06 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: tQUmifr4wMZVOVIgHDd1uBORfC7LiPCiKJlbHeuomkpqsNVlZdEfMw==

GET
H/1.1 200
OK url-search-params-caf7e299034eb5bcdcb5f4f54ddf8829.js
d2rh7yeab97r35.cloudfront.net/assets/g/ 768 B
2 KB 300ms
183ms Script
application/javascript 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/url-search-params-caf7e299034eb5bcdcb5f4f54ddf8829.js
Requested by: Host: aht22.bookeddirectly.com
URL: https://aht22.bookeddirectly.com/g/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Referer: https://aht22.bookeddirectly.com/
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:23 GMT
Via: 1.1 vegur, 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 768
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D
Last-Modified: Tue, 16 Apr 2024 12:46:01 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Origin
X-Amz-Cf-Id: TBBkMl1w7jSy8nH5VqtX1Lf1kFEXtBGyicMuos1sVAlqoUR76e2W4Q==

GET search-bar-6f4e9c2efec14d06cb8e30985f4477c8.js
d2rh7yeab97r35.cloudfront.net/assets/g/ 0
0

GET about-0cc668336931cb71c6770d56ddce1e3a.js
d2rh7yeab97r35.cloudfront.net/assets/g/ 0
0

GET rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.23.0/ 0
0

GET
H2 200 listing_icons-8cb1f4173cc0288fd509e2f50901b0bb.svg
d21py1zpo0yxkp.cloudfront.net/ 291 KB
0 220ms
69ms Image
image/svg+xml 2600:9000:223c:bc00:1e:df23:9e40:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d21py1zpo0yxkp.cloudfront.net/listing_icons-8cb1f4173cc0288fd509e2f50901b0bb.svg
Requested by: Host: d2rh7yeab97r35.cloudfront.net
URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/about-a619b304dabc436c769fd61958159b8a.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:bc00:1e:df23:9e40:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://d2rh7yeab97r35.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 17 Apr 2024 03:35:49 GMT
content-encoding: gzip
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 15:01:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 27936
etag: W/"8cb1f4173cc0288fd509e2f50901b0bb"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: rFByN6wBN-i5yZYiDBoRRpJPud2MtGF4DmISCz4x0hAxHvus2DZ9fQ==

GET
H/1.1 200
OK CircularStd-Book.woff2
d2rh7yeab97r35.cloudfront.net/assets/g/ 11 KB
0 278ms
172ms Font
application/font-woff2 2600:9000:223f:400:16:6756:7840:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/CircularStd-Book.woff2
Requested by: Host: d2rh7yeab97r35.cloudfront.net
URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/about-a619b304dabc436c769fd61958159b8a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:400:16:6756:7840:21 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash

Request headers

Referer: https://d2rh7yeab97r35.cloudfront.net/assets/g/about-a619b304dabc436c769fd61958159b8a.css
Origin: https://aht22.bookeddirectly.com
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Wed, 17 Apr 2024 11:21:23 GMT
Via: 1.1 vegur, 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-Amz-Cf-Pop: FRA56-P5
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 24944
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D
Last-Modified: Tue, 16 Apr 2024 12:45:39 GMT
Server: Cowboy
Access-Control-Max-Age: 7200
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713352884&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=%2FjVhUfWgzmO2%2Fk6VwWMDFiQlOYo99L%2F4MVAR8EAAx58%3D"}]}
Content-Type: application/font-woff2
Access-Control-Allow-Origin: https://aht22.bookeddirectly.com
Access-Control-Allow-Methods: GET, POST, OPTIONS, PATCH, PUT, DELETE
Access-Control-Expose-Headers
Cache-Control: public, max-age=31536000
Vary: Origin
X-Amz-Cf-Id: 2GA2mkhewkv1kxqH8GKWiFOXSREexnxfLKaXoUX2SbT5Pna9PfYB5A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d2rh7yeab97r35.cloudfront.net
URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/search-bar-6f4e9c2efec14d06cb8e30985f4477c8.js

Domain: d2rh7yeab97r35.cloudfront.net
URL: https://d2rh7yeab97r35.cloudfront.net/assets/g/about-0cc668336931cb71c6770d56ddce1e3a.js

Domain: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.23.0/rollbar.min.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aht22.ee/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aht22.bookeddirectly.com
aht22.ee
cdn.filestackcontent.com
cdn.rollbar.com
d21py1zpo0yxkp.cloudfront.net
d2rh7yeab97r35.cloudfront.net
cdn.rollbar.com
d2rh7yeab97r35.cloudfront.net
151.101.66.133
217.64.46.117
2600:9000:223c:bc00:1e:df23:9e40:21
2600:9000:223f:400:16:6756:7840:21
54.73.26.109
23419a40a34fa65112947710ccc3a13d57fcee20095cba69bf6203a613cb021f
67eb07f591af803cf163cf034d26fcc38fe8f543126781108be2d7c5e754cacd
91d3ae3ca4bf6437bc2b32dec062821a849210b2cc09bab9e81a018f595faa27
d24b050fe311b096cbfb298cab2ea6962b28865bdb9b1f2add6434b276626822
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbdba0d120f9e0a8eb08806029cc2ba3195b4b46425cef2d8b7433cabcad7380

aht22.bookeddirectly.com Open in urlscan Pro 54.73.26.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

69 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

154 kBTransfer

1042 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

aht22.bookeddirectly.com Open in urlscan Pro
54.73.26.109 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

69 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

154 kB
Transfer

1042 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions