booking.gr.ivao.aero Open in urlscan Pro
188.165.48.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.gr.ivao.aero/
Submission: On March 05 via automatic, source certstream-suspicious (March 5th 2020, 9:32:22 pm UTC)

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 188.165.48.60, located in France and belongs to OVH, FR. The main domain is booking.gr.ivao.aero.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 5th 2020. Valid for: 3 months.

This is the only time booking.gr.ivao.aero was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
13	188.165.48.60 188.165.48.60		16276 (OVH) (OVH)
5	23.111.9.35 23.111.9.35		33438 (HIGHWINDS2) (HIGHWINDS2)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b		20446 (HIGHWINDS3) (HIGHWINDS3)
20	4

13 188.165.48.60 (France)

ASN16276 (OVH, FR)
PTR: divisions-fo.ivao.aero

booking.gr.ivao.aero	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ivao.aero booking.gr.ivao.aero	1 MB
5	fontawesome.com use.fontawesome.com	86 KB
1	jquery.com code.jquery.com	33 KB
0	googleapis.com Failed fonts.googleapis.com Failed
20	4

	Domain	Requested by
13	booking.gr.ivao.aero	booking.gr.ivao.aero code.jquery.com
5	use.fontawesome.com	booking.gr.ivao.aero use.fontawesome.com
1	code.jquery.com	booking.gr.ivao.aero
0	fonts.googleapis.com Failed	booking.gr.ivao.aero
20	4

This site contains links to these domains. Also see Links.

Domain
gettemplate.com

Subject Issuer	Validity	Valid
booking.gr.ivao.aero Let's Encrypt Authority X3	`2020-03-05` - `2020-06-03`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://booking.gr.ivao.aero/
Frame ID: E848341A1A08D5BAC0A3EB92926A8A7A
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/assets\/[a-zA-Z0-9]{8}\/yii\.js$/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /\/assets\/[a-zA-Z0-9]{8}\/yii\.js$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

20
Requests

95 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1182 kB
Transfer

1272 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://gettemplate.com/
Title: Progressus

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.gr.ivao.aero/	5 KB 2 KB	100ms 48ms	Document text/html	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PHP/7.1.33 PleskLin Resource Hash `c2e753cf5b208a92c6a3439236f1f64e2ce88f25e20708c58b884c5089472898` Request headers :method GET :authority booking.gr.ivao.aero :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 server nginx date Thu, 05 Mar 2020 21:32:05 GMT content-type text/html; charset=UTF-8 content-length 1668 x-powered-by PHP/7.1.33 PleskLin set-cookie _csrf=ee1d8bc233bbed9a2b0ae44cd1792ebd11e5b4c496aa5416e2147eecce37de46a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22SgsFxXh4ZtmJcgEwAoFXIB-pac5ageTy%22%3B%7D; path=/; HttpOnly vary Accept-Encoding content-encoding gzip
GET H2	200	bootstrap.min.css booking.gr.ivao.aero/assets/css/	96 KB 96 KB	38ms 34ms	Stylesheet text/css	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/css/bootstrap.min.css Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `dc4f9a84aaa46ad3108b48a617235131773cc2858860d654b12f4e85df1957c4` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 20:48:40 GMT server nginx x-powered-by PleskLin etag "5e6165a8-18095" content-type text/css status 200 accept-ranges bytes content-length 98453
GET H2	200	3dd7b4bfc2.js Show response use.fontawesome.com/	4 KB 2 KB	435ms 403ms	Script text/javascript	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/3dd7b4bfc2.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `e637a9b2bc7a96223c52ddfb7b5a0be5dfa2eac0d165935d87f93b62c8539008` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip last-modified Fri, 05 Aug 2016 05:22:00 GMT server NetDNA-cache/2.2 x-amz-request-id 843B34AF8B4BCE85 etag W/"c19fc69b98c17bcadcb74ab20ed9d841" x-cache MISS content-type text/javascript status 200 cache-control max-age=0, private, must-revalidate x-amz-id-2 8R9Y6RdvymRew+SbVBJS6CmbwJHPeR0IlkDg8NO+420zv4O0RpcbXMlOaH4PacQ5VZMz5kvYY3k=
GET H2	200	main.css booking.gr.ivao.aero/assets/css/	4 KB 4 KB	57ms 53ms	Stylesheet text/css	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/css/main.css Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `6cfb97e0e7d1e34ce9bf6560d626eca420f68efaaef68514826151dc26d386dd` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 20:48:40 GMT server nginx x-powered-by PleskLin etag "5e6165a8-1080" content-type text/css status 200 accept-ranges bytes content-length 4224
GET H2	200	bootstrap.css booking.gr.ivao.aero/assets/3dc00629/css/	143 KB 143 KB	58ms 54ms	Stylesheet text/css	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/3dc00629/css/bootstrap.css Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 21:30:40 GMT server nginx x-powered-by PleskLin etag "5e616f80-23a5a" content-type text/css status 200 accept-ranges bytes content-length 146010
GET H2	200	site.css booking.gr.ivao.aero/css/	1 KB 1 KB	58ms 54ms	Stylesheet text/css	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/css/site.css Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `82079e6599db803ff74557ffce007c6687de199da703b0ce0dafcbcfeae9d671` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 20:48:29 GMT server nginx x-powered-by PleskLin etag "5e61659d-554" content-type text/css status 200 accept-ranges bytes content-length 1364
GET H2	200	bootstrap-theme.css booking.gr.ivao.aero/assets/css/	5 KB 5 KB	57ms 54ms	Stylesheet text/css	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/css/bootstrap-theme.css Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `2063b9d41b7be9ace81871b5461742d61ea38672a92ac74432c81835f932f077` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 20:48:40 GMT server nginx x-powered-by PleskLin etag "5e6165a8-1350" content-type text/css status 200 accept-ranges bytes content-length 4944
GET H/1.1	200 OK	jquery-1.12.4.min.js Show response code.jquery.com/	95 KB 33 KB	32ms 6ms	Script application/javascript	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.12.4.min.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers Referer https://booking.gr.ivao.aero/ Origin https://booking.gr.ivao.aero Sec-Fetch-Dest script User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Mar 2020 21:32:06 GMT Content-Encoding gzip Last-Modified Fri, 20 May 2016 17:18:54 GMT Server nginx ETag W/"573f46fe-17b8b" Vary Accept-Encoding X-HW 1583443926.dop054.fr8.t,1583443926.cds133.fr8.shn,1583443926.cds133.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 33738
GET H2	200	headroom.min.js Show response booking.gr.ivao.aero/assets/js/	3 KB 3 KB	57ms 55ms	Script application/javascript	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/js/headroom.min.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `bdf2e3e2ace93f6aa8f868a01237c308cdebfae124b8c4d1cfd10b51a435002f` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 20:48:41 GMT server nginx x-powered-by PleskLin etag "5e6165a9-cda" content-type application/javascript status 200 accept-ranges bytes content-length 3290
GET H2	200	jQuery.headroom.min.js Show response booking.gr.ivao.aero/assets/js/	547 B 568 B	57ms 54ms	Script application/javascript	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/js/jQuery.headroom.min.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `51ea54a132ebc3bdab999794bb598fc7976b34059ba71ba170dc4d62edcb6e5e` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip etag "223-5a021a97992e6-gzip" last-modified Thu, 05 Mar 2020 20:48:41 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type application/javascript status 200 x-accel-version 0.01 accept-ranges bytes content-length 352
GET H2	200	template.js Show response booking.gr.ivao.aero/assets/js/	391 B 454 B	57ms 55ms	Script application/javascript	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/js/template.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `cc300edd0d0b09f0e0d2fecd00a0d1cd41f088c0d2df6661cee64db4b5bbcbb4` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip etag "187-5a021a97a4e66-gzip" last-modified Thu, 05 Mar 2020 20:48:41 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type application/javascript status 200 x-accel-version 0.01 accept-ranges bytes content-length 238
GET H2	200	jquery.js Show response booking.gr.ivao.aero/assets/7c2b0a3d/	252 KB 252 KB	57ms 55ms	Script application/javascript	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/7c2b0a3d/jquery.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 21:30:40 GMT server nginx x-powered-by PleskLin etag "5e616f80-3ee0f" content-type application/javascript status 200 accept-ranges bytes content-length 257551
GET H2	200	yii.js Show response booking.gr.ivao.aero/assets/32a7b6fa/	20 KB 21 KB	56ms 55ms	Script application/javascript	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/32a7b6fa/yii.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `796bab2b50aec1d2e2564950f8b912c6ae172281a7ecbe378dd1bc68ce7669bc` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 21:30:40 GMT server nginx x-powered-by PleskLin etag "5e616f80-51af" content-type application/javascript status 200 accept-ranges bytes content-length 20911
GET H2	200	bootstrap.js Show response booking.gr.ivao.aero/assets/3dc00629/js/	68 KB 68 KB	57ms 56ms	Script application/javascript	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Full URL https://booking.gr.ivao.aero/assets/3dc00629/js/bootstrap.js Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 21:30:40 GMT server nginx x-powered-by PleskLin etag "5e616f80-1104b" content-type application/javascript status 200 accept-ranges bytes content-length 69707
GET		css fonts.googleapis.com/	0 0

GET H2	200	webfontloader.js Show response use.fontawesome.com/webfontloader/1.6.24/	12 KB 6 KB	14ms 14ms	Script application/x-javascript	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/3dd7b4bfc2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip last-modified Thu, 07 Jul 2016 14:07:46 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"9064ce12d2c81f68123c93bc1a8b0cad" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/x-javascript status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H2	200	panorama-moscow-russia-night_header.jpg booking.gr.ivao.aero/assets/images/	464 KB 465 KB	42ms 41ms	Image image/jpeg	188.165.48.60 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://booking.gr.ivao.aero/assets/images/panorama-moscow-russia-night_header.jpg Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-1.12.4.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.165.48.60 , France, ASN16276 (OVH, FR), Reverse DNS divisions-fo.ivao.aero Software nginx / PleskLin Resource Hash `a35cddf9dc716b5658192c5a7149b9f6e29d6bd317a0a1b02ea8d14f647a3611` Request headers Referer https://booking.gr.ivao.aero/assets/css/main.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 05 Mar 2020 21:32:06 GMT last-modified Thu, 05 Mar 2020 20:48:41 GMT server nginx x-powered-by PleskLin etag "5e6165a9-7416d" content-type image/jpeg status 200 accept-ranges bytes content-length 475501
GET H2	200	3dd7b4bfc2.css use.fontawesome.com/	1 KB 688 B	393ms 393ms	Stylesheet text/css	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/3dd7b4bfc2.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `bc679f0a84a669f29fcfdff08833259bd24807b3864ebb68acf8ad4314852221` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip last-modified Fri, 05 Aug 2016 05:22:00 GMT server NetDNA-cache/2.2 x-amz-request-id B04D9EBB69AAF7E3 etag W/"4ebdcb64c86d4103a4f58b53bb924c95" x-cache MISS content-type text/css status 200 cache-control max-age=0, private, must-revalidate x-amz-id-2 RY0VEWtotMjkKKSW5wKvU6drYkYDUol0U07bBNTOWwl5mV5+yCPnlwscaZMWjGwqlV6+iiV+L/U=
GET H2	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.6.3/css/	28 KB 7 KB	16ms 15ms	Stylesheet text/css	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5` Request headers Referer https://booking.gr.ivao.aero/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip last-modified Thu, 12 May 2016 16:47:01 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"7937bc10f6c59ceed1ff6e6bbebfcd8d" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type text/css status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT
GET H2	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.6.3/fonts/	70 KB 71 KB	42ms 13ms	Font application/octet-stream	23.111.9.35 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2 Requested by Host: booking.gr.ivao.aero URL: https://booking.gr.ivao.aero/assets/7c2b0a3d/jquery.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software NetDNA-cache/2.2 / Resource Hash `7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73` Request headers Referer https://use.fontawesome.com/3dd7b4bfc2.css Origin https://booking.gr.ivao.aero Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 05 Mar 2020 21:32:06 GMT content-encoding gzip last-modified Thu, 12 May 2016 16:47:01 GMT server NetDNA-cache/2.2 access-control-allow-origin * etag W/"e6cf7c6ec7c2d6f670ae9d762604cb0b" vary Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET content-type application/octet-stream status 200 access-control-max-age 3000 cache-control max-age=31556926 x-cache HIT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| FontAwesomeCdnConfig object| WebFontConfig function| $ function| jQuery function| Headroom object| jQuery112407550363480768414 object| yii object| WebFont

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			booking.gr.ivao.aero/	1969-12-31 23:59:59	Name: _csrf Value: ee1d8bc233bbed9a2b0ae44cd1792ebd11e5b4c496aa5416e2147eecce37de46a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22SgsFxXh4ZtmJcgEwAoFXIB-pac5ageTy%22%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.gr.ivao.aero
code.jquery.com
fonts.googleapis.com
use.fontawesome.com
fonts.googleapis.com
188.165.48.60
2001:4de0:ac19::1:b:2b
23.111.9.35
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8
2063b9d41b7be9ace81871b5461742d61ea38672a92ac74432c81835f932f077
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
51ea54a132ebc3bdab999794bb598fc7976b34059ba71ba170dc4d62edcb6e5e
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6cfb97e0e7d1e34ce9bf6560d626eca420f68efaaef68514826151dc26d386dd
796bab2b50aec1d2e2564950f8b912c6ae172281a7ecbe378dd1bc68ce7669bc
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
82079e6599db803ff74557ffce007c6687de199da703b0ce0dafcbcfeae9d671
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
a35cddf9dc716b5658192c5a7149b9f6e29d6bd317a0a1b02ea8d14f647a3611
bc679f0a84a669f29fcfdff08833259bd24807b3864ebb68acf8ad4314852221
bdf2e3e2ace93f6aa8f868a01237c308cdebfae124b8c4d1cfd10b51a435002f
c2e753cf5b208a92c6a3439236f1f64e2ce88f25e20708c58b884c5089472898
cc300edd0d0b09f0e0d2fecd00a0d1cd41f088c0d2df6661cee64db4b5bbcbb4
dc4f9a84aaa46ad3108b48a617235131773cc2858860d654b12f4e85df1957c4
e637a9b2bc7a96223c52ddfb7b5a0be5dfa2eac0d165935d87f93b62c8539008