Submitted URL: https://airberlin.no/f3am
Effective URL: http://airberlin.no/f3am
Submission: On March 19 via manual from SG — Scanned from NO

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 77.83.246.34, located in Warsaw, Poland and belongs to GIR-AS, RU. The main domain is airberlin.no.
This is the only time airberlin.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: PDF document, version 1.4
Size: 98 KB (100091 bytes, 100% done)
Downloaded from: https://java-kz.online/egov.kz/notifications/oplata-nalogov-dlya-bughalterov/03-18-2024/37429874823/salykreport/document28839014/Salyk-Notification.pdf

Domain & IP information

Requests  IP Address        AS Autonomous System
2         77.83.246.34      207713 (GIR-AS)
1         2a02:4780:8:6...  47583 (AS-HOSTINGER)
Total: 3 requests, 2 IPs

Requests  Apex Domain     Subdomains      Transfer
2         airberlin.no    airberlin.no    1 KB
1         java-kz.online  java-kz.online
Total: 3 requests, 2 apex domains

Requests  Domain          Requested by
2         airberlin.no    airberlin.no
1         java-kz.online
Total: 3 requests, 2 domains

This site contains no links.

Subject         Issuer  Validity                 Valid
airberlin.no    R3      2024-03-16 - 2024-06-14  3 months
java-kz.online  R3      2024-02-13 - 2024-05-13  3 months

This page contains 1 frame:

Frame: https://java-kz.online/egov.kz/notifications/oplata-nalogov-dlya-bughalterov/03-18-2024/37429874823/salykreport/document28839014/Salyk-Notification.pdf
Frame ID: 3DA4349467F98083BF2F51B7CA065B75
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 2 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://airberlin.no/f3am Page URL
  2. http://airberlin.no/f3am Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource: f3am
Path: airberlin.no/
Size: 1 KB
x-fer: 704 B
Type: Document

General

Full URL: https://airberlin.no/f3am
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.83.246.34 Warsaw, Poland, ASN207713 (GIR-AS, RU)
Reverse DNS: polo_3p.ip-ptr.tech
Software: openresty / PHP/7.2.30
Resource Hash: 6361a2b851a5829f71d45e1ab92bbd1dc12182b51f67dd83c4d84f5a8c1e12e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Mar 2024 10:22:26 GMT
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.30

Primary Request

Resource: f3am
Path: airberlin.no/
Size: 664 B
x-fer: 552 B
Type: Document

General

Full URL: http://airberlin.no/f3am
Requested by:
  Host: airberlin.no
  URL: https://airberlin.no/f3am
Protocol: HTTP/1.1
Server: 77.83.246.34 Warsaw, Poland, ASN207713 (GIR-AS, RU)
Reverse DNS: polo_3p.ip-ptr.tech
Software: openresty / PHP/7.2.30
Resource Hash: 2576142ae479bad0e47060418482feeb162b53c748029a2ade74872dc8ff719b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 19 Mar 2024 10:22:27 GMT
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.30

Resource: Salyk-Notification.pdf
Path: java-kz.online/egov.kz/notifications/oplata-nalogov-dlya-bughalterov/03-18-2024/37429874823/salykreport/document28839014/
Size: 0
x-fer: 0
Type: Document

General

Full URL: https://java-kz.online/egov.kz/notifications/oplata-nalogov-dlya-bughalterov/03-18-2024/37429874823/salykreport/document28839014/Salyk-Notification.pdf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:8:612:0:2d71:1eb7:2 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY)
Reverse DNS:
Software: LiteSpeed /
Resource Hash:
Security Headers:
  Content-Security-Policy: upgrade-insecure-requests

Request headers

Referer: http://airberlin.no/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 100091
content-security-policy: upgrade-insecure-requests
content-type: application/pdf
date: Tue, 19 Mar 2024 10:22:27 GMT
etag: "186fb-65f7806b-d2cdff2ec1655a7c;;;"
last-modified: Sun, 17 Mar 2024 23:44:43 GMT
platform: hostinger
server: LiteSpeed

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path: airberlin.no/
Name: 212484fe3
Value: 84fe305081c3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
