urlscan.io logo urlscan.io
SecurityTrails logo

www.booking.xurtek.com Open in urlscan Pro
74.220.199.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.booking.xurtek.com/
Effective URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Submission: On August 19 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 74.220.199.57, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.booking.xurtek.com.
TLS certificate: Issued by R10 on August 19th 2024. Valid for: 3 months.
This is the only time www.booking.xurtek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 74.220.199.57 46606 (UNIFIEDLA...)
1 142.250.185.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 4
Apex Domain
Subdomains		 Transfer
8 xurtek.com
www.booking.xurtek.com
67 KB
1 gstatic.com
www.gstatic.com
212 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
961 B
11 3
Domain Requested by
8 www.booking.xurtek.com 2 redirects www.booking.xurtek.com
1 www.gstatic.com www.google.com
1 www.google.com www.booking.xurtek.com
11 3

This site contains no links.

Subject Issuer Validity Valid
booking.xurtek.com
R10		 2024-08-19 -
2024-11-17		 3 months crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Frame ID: F960E1051B0BEC9BD3EF8FC9FEDA7D72
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Customer Relationship Management v.1.0

Page URL History Show full URLs

  1. https://www.booking.xurtek.com/ HTTP 302
    https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw HTTP 301
    https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

11
Requests

73 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

280 kB
Transfer

1678 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.booking.xurtek.com/ HTTP 302
    https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw HTTP 301
    https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Redirect Chain
  • https://www.booking.xurtek.com/
  • https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw
  • https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.199.57 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
fast2000.fastdomain.com
Software
Apache /
Resource Hash
599df7c162b6874dda4dc72ea14b19503445e7e3af7393bfd2d29a18e63dc8a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1645
content-type
text/html; charset=UTF-8
date
Mon, 19 Aug 2024 11:54:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding

Redirect headers

content-length
288
content-type
text/html; charset=iso-8859-1
date
Mon, 19 Aug 2024 11:54:28 GMT
location
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
server
Apache
font-awesome.css
www.booking.xurtek.com/public/lib/font-awesome/css/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.booking.xurtek.com/public/lib/font-awesome/css/font-awesome.css
Requested by
Host: www.booking.xurtek.com
URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.199.57 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
fast2000.fastdomain.com
Software
Apache /
Resource Hash
185aa0be70c721630a67d0d44588bace81a5d2afd0d74fbd5e0b98ad1250ff5f

Request headers

Referer
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 11:54:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 00:48:10 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7530
ionicons.css
www.booking.xurtek.com/public/lib/Ionicons/css/ 		56 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.booking.xurtek.com/public/lib/Ionicons/css/ionicons.css
Requested by
Host: www.booking.xurtek.com
URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.199.57 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
fast2000.fastdomain.com
Software
Apache /
Resource Hash
04d5735b32a08e4ad22ba35151eec9a96a47ce70c6308909082e255a1c5d2fb5

Request headers

Referer
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 11:54:28 GMT
content-encoding
gzip
last-modified
Wed, 11 Mar 2020 00:58:06 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
9037
bracket.css
www.booking.xurtek.com/public/css/ 		998 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.booking.xurtek.com/public/css/bracket.css
Requested by
Host: www.booking.xurtek.com
URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.199.57 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
fast2000.fastdomain.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 11:54:28 GMT
content-encoding
gzip
last-modified
Sun, 24 Sep 2023 10:17:31 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
api.js
www.google.com/recaptcha/ 		1 KB
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.booking.xurtek.com
URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
cd09d55dabb97cec1c25432cee39e9c30f22e70f1eeb6a22d056399786712b45
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.booking.xurtek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 11:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 19 Aug 2024 11:54:28 GMT
background-gray.jpeg
www.booking.xurtek.com/public/img/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.booking.xurtek.com/public/img/background-gray.jpeg
Requested by
Host: www.booking.xurtek.com
URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.199.57 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
fast2000.fastdomain.com
Software
Apache /
Resource Hash
c6cb9cfa822c6b09542b5e492b79232f3965a2614cc0f03e5ede21d08b29c100

Request headers

Referer
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 11:54:28 GMT
last-modified
Mon, 23 May 2022 09:24:37 GMT
server
Apache
accept-ranges
bytes
content-length
47231
content-type
image/jpeg
button-google.png
www.booking.xurtek.com/public/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.booking.xurtek.com/public/img/button-google.png
Requested by
Host: www.booking.xurtek.com
URL: https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
74.220.199.57 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
fast2000.fastdomain.com
Software
Apache /
Resource Hash
17a7aadb06f063973ae45e725ac29f6549e4fc7174f661ea47e38cfea699442d

Request headers

Referer
https://www.booking.xurtek.com/login/aHR0cHM6Ly93d3cuYm9va2luZy54dXJ0ZWsuY29tLw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 11:54:28 GMT
last-modified
Thu, 03 Nov 2022 03:57:29 GMT
server
Apache
accept-ranges
bytes
content-length
2707
content-type
image/png
jquery.js
www.booking.xurtek.com/public/lib/jquery/ 		0
0
popper.min.js
www.booking.xurtek.com/public/lib/popper/ 		0
0
bootstrap.js
www.booking.xurtek.com/public/lib/bootstrap/js/ 		0
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 		533 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.booking.xurtek.com/
Origin
https://www.booking.xurtek.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 18 Aug 2024 08:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216180
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 04:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Aug 2025 08:39:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.booking.xurtek.com
URL
https://www.booking.xurtek.com/public/lib/jquery/jquery.js
Domain
www.booking.xurtek.com
URL
https://www.booking.xurtek.com/public/lib/popper/popper.min.js
Domain
www.booking.xurtek.com
URL
https://www.booking.xurtek.com/public/lib/bootstrap/js/bootstrap.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

1 Cookies

Domain/Path Name / Value
www.booking.xurtek.com/ Name: PHPSESSID
Value: 0641a9566505ec5d58e2e2df00585bee