staging.app.startbooking.com Open in urlscan Pro
146.190.212.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://staging.app.startbooking.com/
Effective URL:
https://staging.app.startbooking.com/login
Submission: On July 21 via automatic, source certstream-suspicious (July 21st 2024, 6:08:20 am UTC) — Scanned from CA

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 146.190.212.131, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is staging.app.startbooking.com.
TLS certificate: Issued by E5 on July 18th 2024. Valid for: 3 months.

This is the only time staging.app.startbooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	146.190.212.131 146.190.212.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
2	172.66.43.201 172.66.43.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	64.233.180.94 64.233.180.94	15169 (GOOGLE) (GOOGLE)
2	104.18.42.227 104.18.42.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	6

2 146.190.212.131 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

staging.app.startbooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.43.201 (United States)

ASN13335 (CLOUDFLARENET, US)

staging.startbooking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.180.94 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.42.227 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.startbooking.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	startbooking.com 1 redirects staging.app.startbooking.com staging.startbooking.com	28 KB
2	startbooking.systems cdn.startbooking.systems	48 KB
2	gstatic.com fonts.gstatic.com	62 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
10	4

	Domain	Requested by
2	cdn.startbooking.systems	staging.startbooking.com
2	fonts.gstatic.com	fonts.googleapis.com
2	staging.startbooking.com	staging.app.startbooking.com staging.startbooking.com
2	staging.app.startbooking.com	1 redirects
1	fonts.googleapis.com	staging.app.startbooking.com
10	5

This site contains links to these domains. Also see Links.

Domain
staging.startbooking.com

Subject Issuer	Validity	Valid
staging.app.startbooking.com E5	`2024-07-18` - `2024-10-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
startbooking.com WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
startbooking.systems E6	`2024-07-19` - `2024-10-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://staging.app.startbooking.com/login
Frame ID: 0733AD16E7AB745182DDE1743AA34996
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Start Booking

Page URL History Show full URLs

https://staging.app.startbooking.com/ HTTP 302
https://staging.app.startbooking.com/login Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

139 kB
Transfer

247 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://staging.startbooking.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://staging.app.startbooking.com/ HTTP 302
https://staging.app.startbooking.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
staging.app.startbooking.com/
Redirect Chain

https://staging.app.startbooking.com/
https://staging.app.startbooking.com/login

4 KB
2 KB

89ms
88ms

Document
text/html

146.190.212.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.app.startbooking.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.190.212.131 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ee1d1a842b94c8c69048d750e94801d9c03c3d2a45e228ceabae76bb0142207f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jul 2024 06:08:15 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Sun, 21 Jul 2024 06:08:15 GMT
location: https://staging.app.startbooking.com/login
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 145ms
60ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,400;0,600;0,700;1,400&family=Spartan:wght@400;500;700;800&display=swap

Requested by

Host: staging.app.startbooking.com
URL: https://staging.app.startbooking.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

b19c5a6b5236d1793ad51e1a42e8a22e458ed018e4d5ce9d41d4285c96086705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://staging.app.startbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jul 2024 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jul 2024 06:08:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jul 2024 06:08:15 GMT

GET
H2 200 style.css
staging.startbooking.com/css/ 114 KB
22 KB 130ms
64ms Stylesheet
text/css 172.66.43.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://staging.startbooking.com/css/style.css

Requested by

Host: staging.app.startbooking.com
URL: https://staging.app.startbooking.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a454efc411b6d4e5812af275a535aba978ba4e86fb4ba4ac06c693894f5bf7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://staging.app.startbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 07 May 2023 15:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6457c929-1c94d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM19MePz9Hz%2BLSpFAQwgC4TgapPHksDhnMYWCl6hWbFL5K7uFXMTJAv%2FssDF1Tl41vJJel%2Be1P3iNjKzb%2FUNiR%2BYQCxn5Y%2Fy3QhidnMWeKsb2pPPsBiJ5nZNkysa%2BFdQ9qSGKfTBNHeqNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8a6903f08bfdaca0-YYZ
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 logo.svg
staging.startbooking.com/images/ 5 KB
3 KB 121ms
56ms Image
image/svg+xml 172.66.43.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staging.startbooking.com/images/logo.svg

Requested by

Host: staging.app.startbooking.com
URL: https://staging.app.startbooking.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.43.201 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e33c099322eda78ea1c9474eb878aefd13f4952b1815c43f4e5d6489843ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://staging.app.startbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 06:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Jul 2021 18:31:47 GMT
server: cloudflare
etag: W/"60de0a13-1586"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Uwr3PaniLlpEUCLurX%2FcNeECtQWa9qntzn2s2rzRRYOblw5840ZnBgycox5yn5CgqasaZTwI%2Fzg2%2BsW5kwI4K74cunNjuVPJ36JVJbaTFqEKvrhqxGCBwJ0CL8j2Kn9fkcjMSdmW3G7UA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
cf-ray: 8a6903f08bffaca0-YYZ

GET
H2 200 l7gfbjR61M69yt8Z2QKtlA.woff2
fonts.gstatic.com/s/spartan/v18/ 31 KB
31 KB 184ms
93ms Font
font/woff2 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spartan/v18/l7gfbjR61M69yt8Z2QKtlA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,400;0,600;0,700;1,400&family=Spartan:wght@400;500;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

sffe /

Resource Hash

fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://staging.app.startbooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 09:08:53 GMT
x-content-type-options: nosniff
age: 75562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32040
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 22:41:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 09:08:53 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 135ms
45ms Font
font/woff2 64.233.180.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,400;0,600;0,700;1,400&family=Spartan:wght@400;500;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

pe-in-f94.1e100.net

Software

sffe /

Resource Hash

1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://staging.app.startbooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 20 Jul 2024 10:20:59 GMT
x-content-type-options: nosniff
age: 71236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31052
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:27:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Jul 2025 10:20:59 GMT

GET icomoon.ttf
staging.startbooking.com/fonts/ 0
0

GET icomoon.woff
staging.startbooking.com/fonts/ 0
0

GET
H2 200 icomoon.ttf
cdn.startbooking.systems/marketing/fonts/ 45 KB
46 KB 457ms
362ms Font
application/octet-stream 104.18.42.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.startbooking.systems/marketing/fonts/icomoon.ttf

Requested by

Host: staging.startbooking.com
URL: https://staging.startbooking.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.227 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bf72e88279fb30f3393436474648c468e23f3e72a8b3aa9d6e2b5d76238c208

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://staging.startbooking.com/
Origin: https://staging.app.startbooking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 06:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: tx00000d949aa6901826cb8-00669ca5d0-5cc45812-sfo2a
x-envoy-upstream-healthchecked-cluster
content-length: 46284
last-modified: Wed, 30 Jun 2021 16:55:12 GMT
server: cloudflare
etag: "543ab7939ef8af6d2126a33b4cf1dc25"
vary: Origin,Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-do-cdn-uuid: 972ef34e-aece-4e31-a34f-dfa5b69048ac
access-control-allow-origin: https://staging.app.startbooking.com
x-rgw-object-type: Normal
cache-control: max-age=604800
access-control-max-age: 604800
accept-ranges: bytes
cf-ray: 8a6903f2c8f6a204-YYZ

GET
H2 200 favicon.ico
cdn.startbooking.systems/marketing/ 4 KB
2 KB 88ms
34ms Other
image/x-icon 104.18.42.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.startbooking.systems/marketing/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.42.227 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e6a5aea30ab9826096c1460d7e1ffcd67a2263cff4fa5fbf674196836be65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://staging.app.startbooking.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 06:08:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: tx0000068bd10b30634206b-0066476915-58cc0e10-sfo2a
age: 450490
x-envoy-upstream-healthchecked-cluster
last-modified: Sun, 09 Aug 2020 16:58:50 GMT
server: cloudflare
etag: W/"4263c16e3a6a6da1158e67358677e3bf"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/x-icon
x-do-cdn-uuid: 972ef34e-aece-4e31-a34f-dfa5b69048ac
x-rgw-object-type: Normal
cache-control: max-age=604800
cf-ray: 8a6903f58de9abfa-YYZ

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: staging.startbooking.com
URL: https://staging.startbooking.com/fonts/icomoon.ttf?jxb5lh

Domain: staging.startbooking.com
URL: https://staging.startbooking.com/fonts/icomoon.woff?jxb5lh

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| headerHeight

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
staging.app.startbooking.com/	1970-01-20 22:32:31	Name: laravel_session Value: Nk9ZOjKNmtj9UQK890E7B1AwLsyQHmgcQ8BxBcrJ
staging.app.startbooking.com/	1970-01-20 22:32:31	Name: XSRF-TOKEN Value: eyJpdiI6IlpJN01Sa3pBMTV1cjBxa0lRWUNYaFE9PSIsInZhbHVlIjoibUpweUVVMVVsZUhzZXNLR2NJSGRTWEltdE5IeVh1d3hSYlpKQldHWmJFenVFUmhha2xjSXRqSEhOb0dOQW9BSHUraHFyUWhOVVZWa1ZyL1pyV2lackZRZGF3RnBjb1YwUmtyNlJHdCtpajBybVFEdE1oVHpOdzBobVoyZ1k0aTciLCJtYWMiOiJiMzk2NjU2MDVlOGUzYTE5YzQ3Mzk0YWVlYTA3OTRiMDgwZjg5ZGJiY2JjMmNmZmU0MWY1NTEzMzRhZDdjZjA0IiwidGFnIjoiIn0%3D
.cdn.startbooking.systems/	1970-01-20 22:12:23	Name: __cf_bm Value: wbb31I_X9kiRhIjSkunkEwjyw2ZBd8ww9bvmGKZXMbU-1721542096-1.0.1.1-xYGrcar5kldZtG3CfMU4YhbXFDLfcpQARpBQqmf4wXAUtEQj2NkSXJtZdbvuV9TJ9W5k6mWNyPRGRYuGEmdWIQ

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://staging.app.startbooking.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
javascript	error	URL: https://staging.app.startbooking.com/login Message: Access to font at 'https://staging.startbooking.com/fonts/icomoon.ttf?jxb5lh' from origin 'https://staging.app.startbooking.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://staging.startbooking.com/fonts/icomoon.ttf?jxb5lh Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://staging.app.startbooking.com/login Message: Access to font at 'https://staging.startbooking.com/fonts/icomoon.woff?jxb5lh' from origin 'https://staging.app.startbooking.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://staging.startbooking.com/fonts/icomoon.woff?jxb5lh Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.startbooking.systems
fonts.googleapis.com
fonts.gstatic.com
staging.app.startbooking.com
staging.startbooking.com
staging.startbooking.com
104.18.42.227
146.190.212.131
172.253.63.95
172.66.43.201
64.233.180.94
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
2bf72e88279fb30f3393436474648c468e23f3e72a8b3aa9d6e2b5d76238c208
58e33c099322eda78ea1c9474eb878aefd13f4952b1815c43f4e5d6489843ff8
a454efc411b6d4e5812af275a535aba978ba4e86fb4ba4ac06c693894f5bf7c8
b19c5a6b5236d1793ad51e1a42e8a22e458ed018e4d5ce9d41d4285c96086705
ee1d1a842b94c8c69048d750e94801d9c03c3d2a45e228ceabae76bb0142207f
f6e6a5aea30ab9826096c1460d7e1ffcd67a2263cff4fa5fbf674196836be65b
fe1bd7781805120843889896ce90992e78af1029fbccc6b81f89e54f30ce07af

staging.app.startbooking.com Open in urlscan Pro 146.190.212.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

80 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

6 IPs

2 Countries

139 kBTransfer

247 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

3 Cookies

5 Console Messages

Security Headers

Indicators

staging.app.startbooking.com Open in urlscan Pro
146.190.212.131 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

139 kB
Transfer

247 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions