www.exrotious.fly-tickets-k1.com Open in urlscan Pro
141.136.39.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.exrotious.fly-tickets-k1.com/
Submission: On March 13 via automatic, source certstream-suspicious (March 13th 2022, 9:41:28 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 141.136.39.77, located in Lithuania and belongs to AS-HOSTINGER, CY. The main domain is www.exrotious.fly-tickets-k1.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 13th 2022. Valid for: 3 months.

This is the only time www.exrotious.fly-tickets-k1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	141.136.39.77 141.136.39.77	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
11	3

6 141.136.39.77 (Lithuania)

ASN47583 (AS-HOSTINGER, CY)
PTR: cpl14.main-hosting.eu

www.exrotious.fly-tickets-k1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	fly-tickets-k1.com www.exrotious.fly-tickets-k1.com	704 KB
4	gstatic.com fonts.gstatic.com	73 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
11	3

	Domain	Requested by
6	www.exrotious.fly-tickets-k1.com	www.exrotious.fly-tickets-k1.com
4	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.exrotious.fly-tickets-k1.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
exrotious.fly-tickets-k1.com cPanel, Inc. Certification Authority	`2022-03-13` - `2022-06-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.exrotious.fly-tickets-k1.com/
Frame ID: F77313B3240AADB789F5AF4F418C2339
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airlines Service

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

779 kB
Transfer

790 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.exrotious.fly-tickets-k1.com/ 4 KB
2 KB 93ms
26ms Document
text/html 141.136.39.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.exrotious.fly-tickets-k1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.136.39.77 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl14.main-hosting.eu

Software

LiteSpeed /

Resource Hash

7147c5d5187f22021bbac573fb3dd6e6600cb22b93f8f7c6dd1e0050aa74cc99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Sun, 13 Mar 2022 21:20:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1484
date: Sun, 13 Mar 2022 21:41:23 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block;
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 classic.css
www.exrotious.fly-tickets-k1.com/ 3 KB
706 B 50ms
48ms Stylesheet
text/css 141.136.39.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.exrotious.fly-tickets-k1.com/classic.css

Requested by

Host: www.exrotious.fly-tickets-k1.com
URL: https://www.exrotious.fly-tickets-k1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.136.39.77 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl14.main-hosting.eu

Software

LiteSpeed /

Resource Hash

c92ef2db9179518df7acae1b133c44acd8f819fb556e972d0b162ba800a991b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.exrotious.fly-tickets-k1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 21:41:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 18:53:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 640
x-xss-protection: 1; mode=block;
expires: Sun, 20 Mar 2022 21:41:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Thai+Looped:wght@100;200;300;400;500;600;700&display=swap

Requested by

Host: www.exrotious.fly-tickets-k1.com
URL: https://www.exrotious.fly-tickets-k1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b29a7356b6adcaa159ca39727098f3876ff30bd437a9cc592b42dcd7434bbaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.exrotious.fly-tickets-k1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Mar 2022 21:41:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Mar 2022 21:41:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Mar 2022 21:41:23 GMT

GET
H2 200 head-bg.jpg
www.exrotious.fly-tickets-k1.com/image/ 164 KB
164 KB 50ms
49ms Image
image/jpeg 141.136.39.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.exrotious.fly-tickets-k1.com/image/head-bg.jpg

Requested by

Host: www.exrotious.fly-tickets-k1.com
URL: https://www.exrotious.fly-tickets-k1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.136.39.77 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl14.main-hosting.eu

Software

LiteSpeed /

Resource Hash

3ada62b218818697b9fa84783deb4d5a39498a98a1015c5ab8544ca6569dad6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.exrotious.fly-tickets-k1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 21:41:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 16:57:00 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 168199
x-xss-protection: 1; mode=block;
expires: Sun, 20 Mar 2022 21:41:23 GMT

GET
H2 200 flights.jpg
www.exrotious.fly-tickets-k1.com/image/ 33 KB
33 KB 50ms
49ms Image
image/jpeg 141.136.39.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.exrotious.fly-tickets-k1.com/image/flights.jpg

Requested by

Host: www.exrotious.fly-tickets-k1.com
URL: https://www.exrotious.fly-tickets-k1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.136.39.77 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl14.main-hosting.eu

Software

LiteSpeed /

Resource Hash

faad59db01699d0a2175ba524e93887909ea6986c5edb981051a59700d98e4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.exrotious.fly-tickets-k1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 21:41:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 16:55:22 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33453
x-xss-protection: 1; mode=block;
expires: Sun, 20 Mar 2022 21:41:23 GMT

GET
H2 200 schedule.jpg
www.exrotious.fly-tickets-k1.com/image/ 57 KB
57 KB 48ms
48ms Image
image/jpeg 141.136.39.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.exrotious.fly-tickets-k1.com/image/schedule.jpg

Requested by

Host: www.exrotious.fly-tickets-k1.com
URL: https://www.exrotious.fly-tickets-k1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.136.39.77 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl14.main-hosting.eu

Software

LiteSpeed /

Resource Hash

a4f18eaaf59bca9843b861d357df0583958e07120985a5ee0f7dea43dd3c7958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.exrotious.fly-tickets-k1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 21:41:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 17:13:56 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 58738
x-xss-protection: 1; mode=block;
expires: Sun, 20 Mar 2022 21:41:23 GMT

GET
H3 200 head-bg-blur.jpg
www.exrotious.fly-tickets-k1.com/image/ 447 KB
447 KB 27ms
27ms Image
image/jpeg 141.136.39.77
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.exrotious.fly-tickets-k1.com/image/head-bg-blur.jpg

Requested by

Host: www.exrotious.fly-tickets-k1.com
URL: https://www.exrotious.fly-tickets-k1.com/classic.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.136.39.77 , Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

cpl14.main-hosting.eu

Software

LiteSpeed /

Resource Hash

c0c4175d302dd9e7b270b71c53d23d26846d2c465febfb26a01e3fc0d833ff43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.exrotious.fly-tickets-k1.com/classic.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 21:41:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 17:01:30 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 457459
x-xss-protection: 1; mode=block;
expires: Sun, 20 Mar 2022 21:41:23 GMT

GET
H2 200 tss6AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L_K6vtF6JGQ.woff2
fonts.gstatic.com/s/ibmplexsansthailooped/v5/ 18 KB
18 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsansthailooped/v5/tss6AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L_K6vtF6JGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Thai+Looped:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98d16aa3109f5d94fdc64852eafbe2679e185fe445cbf7cad1d5e8ea23be98ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exrotious.fly-tickets-k1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 18:28:13 GMT
x-content-type-options: nosniff
age: 184390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18044
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 22:33:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Mar 2023 18:28:13 GMT

GET
H2 200 tss6AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L_NqrtF6JGQ.woff2
fonts.gstatic.com/s/ibmplexsansthailooped/v5/ 19 KB
19 KB 38ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsansthailooped/v5/tss6AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L_NqrtF6JGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Thai+Looped:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f5498889956775e34996279b5c3aa6844450078e9339d2617a0660544958c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exrotious.fly-tickets-k1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 13 Mar 2022 06:57:18 GMT
x-content-type-options: nosniff
age: 53045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19232
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 22:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 06:57:18 GMT

GET
H2 200 tss6AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L_MqutF6JGQ.woff2
fonts.gstatic.com/s/ibmplexsansthailooped/v5/ 19 KB
19 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsansthailooped/v5/tss6AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L_MqutF6JGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Thai+Looped:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

554622afb098f85cf749e3d9ee7f9a9642b3c429a3778b6a8112d78ab0e3bdb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exrotious.fly-tickets-k1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 05:45:30 GMT
x-content-type-options: nosniff
age: 402953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19044
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 22:30:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 05:45:30 GMT

GET
H2 200 tss_AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L9BWKoQ.woff2
fonts.gstatic.com/s/ibmplexsansthailooped/v5/ 17 KB
17 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsansthailooped/v5/tss_AoJJRAhL3BTrK3r2xxbFhvKfyBB6l7hHT30L9BWKoQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Sans+Thai+Looped:wght@100;200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f3ef7c491cf3202a57e6f18e65652b582576aa4188084615dc6e3abe99c2aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.exrotious.fly-tickets-k1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 04:19:34 GMT
x-content-type-options: nosniff
age: 235309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 22:32:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Mar 2023 04:19:34 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.exrotious.fly-tickets-k1.com
141.136.39.77
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
3ada62b218818697b9fa84783deb4d5a39498a98a1015c5ab8544ca6569dad6d
44f5498889956775e34996279b5c3aa6844450078e9339d2617a0660544958c6
4f3ef7c491cf3202a57e6f18e65652b582576aa4188084615dc6e3abe99c2aea
554622afb098f85cf749e3d9ee7f9a9642b3c429a3778b6a8112d78ab0e3bdb4
7147c5d5187f22021bbac573fb3dd6e6600cb22b93f8f7c6dd1e0050aa74cc99
98d16aa3109f5d94fdc64852eafbe2679e185fe445cbf7cad1d5e8ea23be98ba
a4f18eaaf59bca9843b861d357df0583958e07120985a5ee0f7dea43dd3c7958
b29a7356b6adcaa159ca39727098f3876ff30bd437a9cc592b42dcd7434bbaac
c0c4175d302dd9e7b270b71c53d23d26846d2c465febfb26a01e3fc0d833ff43
c92ef2db9179518df7acae1b133c44acd8f819fb556e972d0b162ba800a991b4
faad59db01699d0a2175ba524e93887909ea6986c5edb981051a59700d98e4c8

www.exrotious.fly-tickets-k1.com Open in urlscan Pro 141.136.39.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

779 kBTransfer

790 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

www.exrotious.fly-tickets-k1.com Open in urlscan Pro
141.136.39.77 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

779 kB
Transfer

790 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions