URL: https://booking.sstravels.net/
Submission: On September 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 209.59.190.203, located in United States and belongs to LIQUIDWEB, US. The main domain is booking.sstravels.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 13th 2024. Valid for: a year.
This is the only time booking.sstravels.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 209.59.190.203 32244 (LIQUIDWEB)
5 2a00:1450:400... 15169 (GOOGLE)
1 103.55.149.32 26380 (MASTER-7-AS)
1 2600:9000:223... 16509 (AMAZON-02)
4 209.59.191.24 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
23 6
Apex Domain Subdomains Transfer
11 sstravels.net booking.sstravels.net 598 KB
5 googleapis.com fonts.googleapis.com (Cisco Umbrella Rank: 31) 3 KB
4 appnavotar.com book.appnavotar.com 1 KB
1 gstatic.com fonts.gstatic.com 19 KB
1 squarecdn.com web.squarecdn.com (Cisco Umbrella Rank: 32364) 108 KB
1 mastercard.com cbcmpgs.gateway.mastercard.com 42 KB
23 6
Domain Requested by
11 booking.sstravels.net booking.sstravels.net
5 fonts.googleapis.com booking.sstravels.net
4 book.appnavotar.com booking.sstravels.net
1 fonts.gstatic.com fonts.googleapis.com
1 web.squarecdn.com booking.sstravels.net
1 cbcmpgs.gateway.mastercard.com booking.sstravels.net
23 6

This site contains no links.

Subject Issuer Validity Valid
booking.sstravels.net Sectigo RSA Domain Validation Secure Server CA 2024-09-13 - 2025-09-28 a year
upload.video.google.com WR2 2024-08-12 - 2024-11-04 3 months
*.gateway.mastercard.com Entrust Certification Authority - L1K 2024-03-06 - 2025-04-06 a year
web.squarecdn.com Amazon RSA 2048 M02 2024-03-02 - 2025-03-31 a year
*.appnavotar.com Sectigo RSA Domain Validation Secure Server CA 2023-09-21 - 2024-10-06 a year
*.gstatic.com WR2 2024-08-12 - 2024-11-04 3 months

This page contains 1 frame:

Primary Page: https://booking.sstravels.net/
Frame ID: 890DA8A7FE2F5037BAECC9A4D696FB00
Requests: 21 HTTP requests in this frame

Page Title

Book Your Vehicle

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23 Requests
100 % HTTPS
50 % IPv6
6 Domains
6 Subdomains
6 IPs
3 Countries
771 kB Transfer
2500 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
booking.sstravels.net/
16 KB
7 KB
Document
General
Full URL
https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4ad60a4d9e92310053103c91be300c6433c890b5ec5ba16af620077b91844d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
7239
content-type
text/html
date
Fri, 13 Sep 2024 18:35:11 GMT
etag
"0165b38baddda1:0"
last-modified
Wed, 24 Jul 2024 11:11:24 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
css
fonts.googleapis.com/
2 KB
1001 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
158235a454c29707117f6570f40fcc1e7d143f14dc1af1085979b47cf19e4871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 17:04:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 18:35:11 GMT
icon
fonts.googleapis.com/
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 18:35:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 18:35:11 GMT
css2
fonts.googleapis.com/
5 KB
688 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 18:16:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 18:35:11 GMT
css2
fonts.googleapis.com/
11 KB
802 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,100&display=swap
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b9a518563c6d41322a411e19da6afebca14d33c7bcff4ba2727fa94dfb51404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 18:35:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 18:35:11 GMT
css2
fonts.googleapis.com/
792 B
446 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Krona+One&display=swap
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6410ec2e562c03e0c443b0aa90bf11f9eece7bd67a0219cd4134d59f4bee7a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Sep 2024 18:35:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Sep 2024 18:35:11 GMT
webxpay.hostedsession.js
booking.sstravels.net/
3 KB
1 KB
Script
General
Full URL
https://booking.sstravels.net/webxpay.hostedsession.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3a49ce8f8b73d179ab39f3910acadb65b84c9236e67d58ceb4d3c7e05f6e8e67

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 10:50:52 GMT
server
Microsoft-IIS/10.0
etag
"0ce65ab7ddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1172
session.js
cbcmpgs.gateway.mastercard.com/form/version/63/merchant/WEBXTOKMSUSD/
123 KB
42 KB
Script
General
Full URL
https://cbcmpgs.gateway.mastercard.com/form/version/63/merchant/WEBXTOKMSUSD/session.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.55.149.32 , Australia, ASN26380 (MASTER-7-AS, US),
Reverse DNS
syd-stripe2.ap.gateway.mastercard.com
Software
/
Resource Hash
15754e8777c1d1c34872a2475a9de759fad4e8ef36d4d6880934734088ef7945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 13 Sep 2024 18:35:12 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Content-Security-Policy-Report-Only
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdnjs.cloudflare.com/ https://netdna.bootstrapcdn.com/bootstrap/ https://ssl.google-analytics.com/ https://rum-static.pingdom.net/ https://rum-collector-2.pingdom.net/ https://sandbox.masterpass.com/ https://static.masterpass.com/ https://www.google-analytics.com/ http://linkhelp.clients.google.com https://unpkg.com https://cdn.polyfill.io https://business.secure.checkout.visa.com https://sandbox-business.secure.checkout.visa.com https://fonts.gstatic.com/ https://fonts.googleapis.com/ https://cdnjs.cloudflare.com/ https://netdna.bootstrapcdn.com/bootstrap/ https://src.mastercard.com/ https://openid.americanexpress.com/ https://secure.checkout.visa.com/ https://www.aexp-static.com/ https://srcdcf.americanexpress.com https://qa.static.gateway.mastercard.com/ https://stage.static.gateway.mastercard.com/ https://mtf.static.gateway.mastercard.com/ https://static.gateway.mastercard.com/; report-uri /callbackInterface/cspViolationReport; frame-ancestors 'self'
vary
accept-encoding
Content-Type
text/javascript;charset=UTF-8
Content-Language
de-DE
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 14 Sep 2024 18:35:12 GMT
square.js
web.squarecdn.com/v1/
382 KB
108 KB
Script
General
Full URL
https://web.squarecdn.com/v1/square.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a400:13:4005:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32116b476dc2646a77cf0520a1c6f915747302e2254787cedbc4cb6b875804ba

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
SyrV_NUxrpiBouMNXwZ7xk4klax1uVOR
content-encoding
gzip
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date
Fri, 13 Sep 2024 00:19:58 GMT
x-amz-cf-pop
FRA56-P3
age
65724
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-websdk-version
1.60.6
last-modified
Fri, 06 Sep 2024 19:59:30 GMT
server
AmazonS3
etag
W/"36f20a4e1d78e1eac17a9b2a84874215"
access-control-max-age
300
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-meta-md5checksum
NvIKTh144erBepsqhIdCFQ==
cache-control
public, max-age=300
vary
Accept-Encoding
x-amz-cf-id
a7kwcF1GzMjHmn2NaKKeMCRd1uNnS421EJ1hn1IGY9Wykg8s20XfeA==
main.7869beb9.chunk.css
booking.sstravels.net/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://booking.sstravels.net/static/css/main.7869beb9.chunk.css
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
01c695439c435d01a03ab084ba870bc6ddf7f75f369c79806c61f5902a7b521e

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1118
307.6972f028.chunk.js
booking.sstravels.net/static/js/
1 MB
382 KB
Script
General
Full URL
https://booking.sstravels.net/static/js/307.6972f028.chunk.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f890c65f58798d6611f315feb56bba1334bd227ae555350a091e9df65e5204aa

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
main.f274e2bb.chunk.js
booking.sstravels.net/static/js/
304 KB
85 KB
Script
General
Full URL
https://booking.sstravels.net/static/js/main.f274e2bb.chunk.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
54912e245f222bb1b73f505a6ce6ecdc686834b844369d869fd7f1fcda4e5af9

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:11 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
/
book.appnavotar.com/api/reservation/token/
0
0
Preflight
General
Full URL
https://book.appnavotar.com/api/reservation/token/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.191.24 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-clientid
Access-Control-Request-Method
GET
Origin
https://booking.sstravels.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,x-clientid
access-control-allow-methods
GET
access-control-allow-origin
*
date
Fri, 13 Sep 2024 18:35:13 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET
341.ace62e32.chunk.css
booking.sstravels.net/static/css/
1 KB
860 B
Stylesheet
General
Full URL
https://booking.sstravels.net/static/css/341.ace62e32.chunk.css
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
38a4fbc044932a8d652e21e93fb65894c14d04fe8cef5889bbfbca4b7ec877c0

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:12 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
795
341.24d37a88.chunk.js
booking.sstravels.net/static/js/
151 B
280 B
Script
General
Full URL
https://booking.sstravels.net/static/js/341.24d37a88.chunk.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
79acc244e964e4b92909334d8d04a8ba4407200834a2de01ef503c35c9386d9f

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:12 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
238
340.e3610b47.chunk.css
booking.sstravels.net/static/css/
567 KB
91 KB
Stylesheet
General
Full URL
https://booking.sstravels.net/static/css/340.e3610b47.chunk.css
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
434b2410d6831008aa0013ff6ce7baa6878c63ea50ecbe446720b813956d3d3b

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:12 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
340.ac86a20f.chunk.js
booking.sstravels.net/static/js/
151 B
276 B
Script
General
Full URL
https://booking.sstravels.net/static/js/340.ac86a20f.chunk.js
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4177dd5e0c7e6fde87b144783ef7178d3aec6b4729739a144c12b570731acd73

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:12 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:22 GMT
server
Microsoft-IIS/10.0
etag
"0e92937baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
238
private.a4093739.svg
booking.sstravels.net/static/media/
22 KB
22 KB
Image
General
Full URL
https://booking.sstravels.net/static/media/private.a4093739.svg
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3ab2eb790b5f6552033c9bbae72c35f532cb4a400c7761343c4550799ab20656

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:12 GMT
last-modified
Wed, 24 Jul 2024 11:11:10 GMT
server
Microsoft-IIS/10.0
etag
"0db230baddda1:0"
x-powered-by
ASP.NET
content-type
image/svg+xml
accept-ranges
bytes
content-length
22227
/
book.appnavotar.com/api/reservation/token/
787 B
844 B
XHR
General
Full URL
https://book.appnavotar.com/api/reservation/token/
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/static/js/307.6972f028.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.191.24 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59b66af82091454f76f653e379b347cb741f811c8b1a67b3676ba501fd0258ee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://booking.sstravels.net/
X-clientId
null
Authorization
Bearer null
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=2592000
date
Fri, 13 Sep 2024 18:35:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://booking.sstravels.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 11:51:39 GMT
x-content-type-options
nosniff
age
283413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18536
x-xss-protection
0
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Sep 2025 11:51:39 GMT
favicon.ico
booking.sstravels.net/
16 KB
7 KB
Other
General
Full URL
https://booking.sstravels.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.190.203 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4ad60a4d9e92310053103c91be300c6433c890b5ec5ba16af620077b91844d5

Request headers

Referer
https://booking.sstravels.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:35:12 GMT
content-encoding
gzip
last-modified
Wed, 24 Jul 2024 11:11:24 GMT
server
Microsoft-IIS/10.0
etag
"0165b38baddda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
7239
initdata
book.appnavotar.com/api/reservation/
248 B
312 B
XHR
General
Full URL
https://book.appnavotar.com/api/reservation/initdata?clientid=null
Requested by
Host: booking.sstravels.net
URL: https://booking.sstravels.net/static/js/307.6972f028.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.191.24 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
817d482143473ba9a5be7abc74a1ae69ab8edda73e77ccb1dde161a6438a2d5e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://booking.sstravels.net/
X-clientId
null
Authorization
Bearer [token removed]
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=2592000
date
Fri, 13 Sep 2024 18:35:14 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/problem+json; charset=utf-8
initdata
book.appnavotar.com/api/reservation/
0
0
Preflight
General
Full URL
https://book.appnavotar.com/api/reservation/initdata?clientid=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.59.191.24 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
web.navotar.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-clientid
Access-Control-Request-Method
GET
Origin
https://booking.sstravels.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,x-clientid
access-control-allow-methods
GET
access-control-allow-origin
*
date
Fri, 13 Sep 2024 18:35:14 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=2592000
x-powered-by
ASP.NET

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| HostedSession
function| WebxpayTokenizeInit
object| PaymentSession
function| PaymentSessionInternal
object| _sentryDebugIds
object| Square
object| webpackJsonpreservations
object| regeneratorRuntime
function| Payment
function| setImmediate
function| clearImmediate

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://book.appnavotar.com/api/reservation/initdata?clientid=null
Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
