booking.msp-service.com Open in urlscan Pro
3.125.5.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://booking.msp-service.com/
Effective URL:
https://booking.msp-service.com/accounts/login/?next=/
Submission: On September 01 via automatic, source certstream-suspicious (September 1st 2021, 9:20:18 pm UTC)

Summary HTTP 7 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 3.125.5.28, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is booking.msp-service.com.
TLS certificate: Issued by R3 on September 1st 2021. Valid for: 3 months.

This is the only time booking.msp-service.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 3	3.125.5.28 3.125.5.28		16509 (AMAZON-02) (AMAZON-02)
5	52.219.75.181 52.219.75.181		16509 (AMAZON-02) (AMAZON-02)
7	2

3 3.125.5.28 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-5-28.eu-central-1.compute.amazonaws.com

booking.msp-service.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.219.75.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-central-1.amazonaws.com

msp-mice-booking.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	amazonaws.com msp-mice-booking.s3.amazonaws.com	2 MB
3	msp-service.com 1 redirects booking.msp-service.com	3 KB
7	2

	Domain	Requested by
5	msp-mice-booking.s3.amazonaws.com	booking.msp-service.com msp-mice-booking.s3.amazonaws.com
3	booking.msp-service.com	1 redirects booking.msp-service.com
7	2

This site contains no links.

Subject Issuer	Validity	Valid
booking.msp-service.com R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://booking.msp-service.com/accounts/login/?next=/
Frame ID: A1337423065E479FE95840A3648FE335
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - MSP hotel booking system

Page URL History Show full URLs

https://booking.msp-service.com/ HTTP 302
https://booking.msp-service.com/accounts/login/?next=/ Page URL

Detected technologies

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2308 kB
Transfer

2312 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://booking.msp-service.com/ HTTP 302
https://booking.msp-service.com/accounts/login/?next=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.msp-service.com/accounts/login/
Redirect Chain

https://booking.msp-service.com/
https://booking.msp-service.com/accounts/login/?next=/

5 KB
2 KB

74ms
73ms

Document
text/html

3.125.5.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.msp-service.com/accounts/login/?next=/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.125.5.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-5-28.eu-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

f308f32993bd6da7c5d90c009e0010cf7134b24d39b3f8930d4b44f7a493aaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: booking.msp-service.com
:scheme: https
:path: /accounts/login/?next=/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: openresty/1.15.8.2
date: Wed, 01 Sep 2021 21:19:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Cookie, Accept-Language
strict-transport-security: max-age=15724800; includeSubDomains
x-frame-options: SAMEORIGIN
content-language: en
set-cookie: csrftoken=CnJIMCQyCC6Hd4NEnSfgogzVm80dYbYMSiPMqGbzBODoQhhAArfMfXCyC2bNqZeU; expires=Wed, 31-Aug-2022 21:19:53 GMT; Max-Age=31449600; Path=/
content-encoding: gzip

Redirect headers

server: openresty/1.15.8.2
date: Wed, 01 Sep 2021 21:19:53 GMT
content-type: text/html; charset=utf-8
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
location: /accounts/login/?next=/
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie
content-language: en

GET
H/1.1 200
OK general.css
msp-mice-booking.s3.amazonaws.com/static/bundles/ 277 KB
278 KB 206ms
84ms Stylesheet
text/css 52.219.75.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msp-mice-booking.s3.amazonaws.com/static/bundles/general.css?77b1f0b0
Requested by: Host: booking.msp-service.com
URL: https://booking.msp-service.com/accounts/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 86861ff39b21b3b3bf5764168a1b2dcd736d7ab8ca3d2ea5e41d794ec8d8461b

Request headers

Referer: https://booking.msp-service.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 21:19:54 GMT
Last-Modified: Mon, 17 Feb 2020 16:06:36 GMT
Server: AmazonS3
x-amz-request-id: DAV5Z6X3T6Q3AVGN
ETag: "77b1f0b0f3220d1a9ec4bda241ac852f"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 284007
x-amz-id-2: U/Rfmli537oKkeoMsoT0a2d1TTAhy3W5brNyRtm5wC5ZBwN0QiGDIG1LVSi/owkqzPduWX7Z+Pk=

GET
H/1.1 200
OK metronic.css
msp-mice-booking.s3.amazonaws.com/static/bundles/ 693 KB
694 KB 264ms
124ms Stylesheet
text/css 52.219.75.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msp-mice-booking.s3.amazonaws.com/static/bundles/metronic.css?77846af8
Requested by: Host: booking.msp-service.com
URL: https://booking.msp-service.com/accounts/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0685036cb2f0aa0ed6d714d5ebe08ecbc2c065e37601d958fc55989b86a69077

Request headers

Referer: https://booking.msp-service.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 21:19:54 GMT
Last-Modified: Mon, 17 Feb 2020 16:06:35 GMT
Server: AmazonS3
x-amz-request-id: DAVFWH4WZYQ4MX19
ETag: "77846af8ab6e87467bdfa8b5290da2a3"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 709873
x-amz-id-2: sLPe8dPTcroieUt08vPUofwCLR1d/+8xKbM+VCfAoV2baaxzG+Rmr8kQVOJcsbZxhXhd8qo4TcU=

GET
H/1.1 200
OK general.js Show response
msp-mice-booking.s3.amazonaws.com/static/bundles/ 1 MB
1 MB 246ms
98ms Script
application/javascript 52.219.75.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msp-mice-booking.s3.amazonaws.com/static/bundles/general.js?11ff4176
Requested by: Host: booking.msp-service.com
URL: https://booking.msp-service.com/accounts/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b57252dbf7f4826f27e71c82c913374b94401c99ec469064729998c62c408708

Request headers

Referer: https://booking.msp-service.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 21:19:54 GMT
Last-Modified: Mon, 17 Feb 2020 16:06:36 GMT
Server: AmazonS3
x-amz-request-id: DAV9MZQ5F5EWHZ6W
ETag: "11ff4176ace994db3a9e614eedffc04f"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1053809
x-amz-id-2: eq2f3ybVox//zbgVtYMa7C/2xiUKuov2g7O+DA4t1Ut4Kx/DLyJFjUksmhI4x+6XJqXgK7gItnE=

GET
H2 200 / Show response
booking.msp-service.com/jsi18n/ 3 KB
1 KB 45ms
44ms Script
text/javascript 3.125.5.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://booking.msp-service.com/jsi18n/

Requested by

Host: booking.msp-service.com
URL: https://booking.msp-service.com/accounts/login/?next=/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.125.5.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-5-28.eu-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

133d130488583ea8a06a5df821a92fa4e00f67f3f7414e7870cc3b7e6f4d968e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /jsi18n/
pragma: no-cache
cookie: csrftoken=CnJIMCQyCC6Hd4NEnSfgogzVm80dYbYMSiPMqGbzBODoQhhAArfMfXCyC2bNqZeU
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: booking.msp-service.com
referer: https://booking.msp-service.com/accounts/login/?next=/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://booking.msp-service.com/accounts/login/?next=/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 21:19:53 GMT
content-encoding: gzip
server: openresty/1.15.8.2
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Language, Cookie
content-language: en
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript

GET
H/1.1 200
OK logo.png
msp-mice-booking.s3.amazonaws.com/static/img/ 16 KB
17 KB 63ms
62ms Image
image/png 52.219.75.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msp-mice-booking.s3.amazonaws.com/static/img/logo.png
Requested by: Host: booking.msp-service.com
URL: https://booking.msp-service.com/accounts/login/?next=/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3bc6a8851511f6c8c571d5d1c4dcf3f214b8d04baffd1179d68f4db5e4987f6a

Request headers

Referer: https://booking.msp-service.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 21:19:54 GMT
Last-Modified: Mon, 17 Feb 2020 16:04:54 GMT
Server: AmazonS3
x-amz-request-id: DAV66G5K1YKDXBR9
ETag: "2e55aacfe986046d7ad73bab25732b2c"
Content-Type: image/png
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 16850
x-amz-id-2: rEuo97r7JwkOXfi+BVXMVkOih2+e/BAlnPgkFhqCM0yey4Xq/pt5gRG8fFwjf8GomXKeGQiAvio=

GET
H/1.1 200
OK login-splash.jpg
msp-mice-booking.s3.amazonaws.com/static/img/ 287 KB
288 KB 131ms
131ms Image
image/jpeg 52.219.75.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msp-mice-booking.s3.amazonaws.com/static/img/login-splash.jpg
Requested by: Host: msp-mice-booking.s3.amazonaws.com
URL: https://msp-mice-booking.s3.amazonaws.com/static/bundles/general.css?77b1f0b0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.75.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81ab7bea7353b076a7e8fc3ba20c54119293aab01e3a11548834eefc5b973846

Request headers

Referer: https://msp-mice-booking.s3.amazonaws.com/static/bundles/general.css?77b1f0b0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 21:19:54 GMT
Last-Modified: Mon, 17 Feb 2020 16:04:54 GMT
Server: AmazonS3
x-amz-request-id: DAV1RWXQPAFRJHTQ
ETag: "715459e45a88a5ebef340e07dc8337b9"
Content-Type: image/jpeg
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 294326
x-amz-id-2: FMyCpVJcuH4JUDwnpGHo/w+Io5pkyhbWjPrdQmsV+lgiiHu68xsKG7+hLphq9XBVcthVS+wYGBM=

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| $LOCALE function| FeedHandler function| arrayRemoveByValue function| getCookie string| csrftoken function| csrfSafeMethod function| sameOrigin function| preload function| $ function| jQuery function| moment function| _ object| Backbone object| toastr object| bootbox object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format object| $preloader

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			booking.msp-service.com/	1970-01-20 05:39:40	Name: csrftoken Value: CnJIMCQyCC6Hd4NEnSfgogzVm80dYbYMSiPMqGbzBODoQhhAArfMfXCyC2bNqZeU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.msp-service.com
msp-mice-booking.s3.amazonaws.com
3.125.5.28
52.219.75.181
0685036cb2f0aa0ed6d714d5ebe08ecbc2c065e37601d958fc55989b86a69077
133d130488583ea8a06a5df821a92fa4e00f67f3f7414e7870cc3b7e6f4d968e
3bc6a8851511f6c8c571d5d1c4dcf3f214b8d04baffd1179d68f4db5e4987f6a
81ab7bea7353b076a7e8fc3ba20c54119293aab01e3a11548834eefc5b973846
86861ff39b21b3b3bf5764168a1b2dcd736d7ab8ca3d2ea5e41d794ec8d8461b
b57252dbf7f4826f27e71c82c913374b94401c99ec469064729998c62c408708
f308f32993bd6da7c5d90c009e0010cf7134b24d39b3f8930d4b44f7a493aaeb