booking.nailsoft.com Open in urlscan Pro
35.244.147.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://booking.harmonypayment.com/
Effective URL:
https://booking.nailsoft.com/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 23 via api (October 23rd 2024, 3:58:10 am UTC) from IT — Scanned from IT

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 20 HTTP transactions. The main IP is 35.244.147.36, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is booking.nailsoft.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 29th 2023. Valid for: a year.

This is the only time booking.nailsoft.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.65.234.253 159.65.234.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	35.244.147.36 35.244.147.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	162.247.243.39 162.247.243.39	54113 (FASTLY) (FASTLY)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
20	5

1 159.65.234.253 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

booking.harmonypayment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.244.147.36 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.147.244.35.bc.googleusercontent.com

booking.nailsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api2.nailsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nailsoft.com booking.nailsoft.com api2.nailsoft.com	1 MB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	1 KB
1	gstatic.com fonts.gstatic.com	72 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 592	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	harmonypayment.com 1 redirects booking.harmonypayment.com	314 B
20	6

	Domain	Requested by
13	booking.nailsoft.com	booking.nailsoft.com
3	bam.nr-data.net	booking.nailsoft.com
1	api2.nailsoft.com	booking.nailsoft.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js-agent.newrelic.com	booking.nailsoft.com
1	fonts.googleapis.com	booking.nailsoft.com
1	booking.harmonypayment.com	1 redirects
20	7

This site contains links to these domains. Also see Links.

Domain
nailsoft.com

Subject Issuer	Validity	Valid
*.nailsoft.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-29` - `2025-01-04`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-12` - `2025-08-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://booking.nailsoft.com/
Frame ID: 02830201BD921C4C0D6FE1E43CBB92AA
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NailSoft - Booking

Page URL History Show full URLs

http://booking.harmonypayment.com/ HTTP 307
https://booking.harmonypayment.com/ HTTP 301
https://booking.nailsoft.com/ Page URL

Page Statistics

20
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

1343 kB
Transfer

1405 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://nailsoft.com/policy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://booking.harmonypayment.com/ HTTP 307
https://booking.harmonypayment.com/ HTTP 301
https://booking.nailsoft.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
booking.nailsoft.com/
Redirect Chain

http://booking.harmonypayment.com/
https://booking.harmonypayment.com/
https://booking.nailsoft.com/

1 KB
1 KB

375ms
204ms

Document
text/html

35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 824678963ed16ca4f03fe8f70cb59abef5ce618acd05602e170a33f15104b8f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 1167
content-type: text/html
date: Wed, 23 Oct 2024 03:58:04 GMT
last-modified: Wednesday, 23-Oct-2024 03:58:04 GMT
server: nginx/1.18.0
via: 1.1 google

Redirect headers

content-length: 178
content-type: text/html
date: Wed, 23 Oct 2024 03:58:03 GMT
location: https://booking.nailsoft.com/
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=63072000

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 616ms
66ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

082efd949c65683b2fc4407b5484397a884bf92b1c232a64c2adac6585bd073d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 03:58:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 23 Oct 2024 03:58:04 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 23 Oct 2024 03:58:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 tracking-production.js Show response
booking.nailsoft.com/ 125 KB
126 KB 209ms
208ms Script
application/javascript 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/tracking-production.js
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: d0f839be9ccc29d1a41f2e791840c0a8d34266652f86809a130fefde77bb745c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128366
date: Wed, 23 Oct 2024 03:58:04 GMT
content-type: application/javascript
last-modified: Wednesday, 23-Oct-2024 03:58:04 GMT
server: nginx/1.18.0

GET
H2 200 main.008ea427.js Show response
booking.nailsoft.com/static/js/ 550 KB
551 KB 235ms
235ms Script
application/javascript 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/js/main.008ea427.js
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 34750be04ee94d1567642e639a26875627ced53c674d5c158732d86041c94321

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 562731
date: Wed, 23 Oct 2024 03:58:04 GMT
content-type: application/javascript
last-modified: Wednesday, 23-Oct-2024 03:58:04 GMT
server: nginx/1.18.0

GET
H2 200 main.10fa2ee3.css
booking.nailsoft.com/static/css/ 56 KB
56 KB 209ms
208ms Stylesheet
text/css 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/css/main.10fa2ee3.css
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 4e61881c2b0fcb24416fa0c8e96828a97ba376b97b91e00fc1768a32bb0a80f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57379
date: Wed, 23 Oct 2024 03:58:04 GMT
content-type: text/css
last-modified: Wednesday, 23-Oct-2024 03:58:04 GMT
server: nginx/1.18.0

GET
H2 200 nr-spa-1.251.1.min.js Show response
js-agent.newrelic.com/ 87 KB
26 KB 714ms
112ms Script
application/javascript 162.247.243.39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.251.1.min.js

Requested by

Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.247.243.39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe207926e03dd9e07087abcac51ac5490aa57a7bda3b6e5fcfe4baec4953d4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://booking.nailsoft.com
Referer: https://booking.nailsoft.com/

Response headers

strict-transport-security: max-age=300
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding: br
etag: "74bb5562421fc11ec1e50cd70dd234d5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 26787
date: Wed, 23 Oct 2024 03:58:05 GMT
last-modified: Mon, 29 Jan 2024 21:25:17 GMT
content-type: application/javascript
x-served-by: cache-mxp6932-MXP
x-cache-hits: 9
vary: Accept-Encoding

GET
H2 200 273.7acc5a09.chunk.js Show response
booking.nailsoft.com/static/js/ 30 KB
30 KB 245ms
245ms Script
application/javascript 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/js/273.7acc5a09.chunk.js
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 652496fefd5636678829491aa37fbcab8ee5c4eeba26fe7beca3f721e540821a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30990
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: application/javascript
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 338.ea9a4258.chunk.js Show response
booking.nailsoft.com/static/js/ 10 KB
10 KB 244ms
243ms Script
application/javascript 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/js/338.ea9a4258.chunk.js
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 0c15c3050c74fcc55027a3b22efcb59ca2011d5dfdf43290544558e3d1f33958

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10046
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: application/javascript
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 988.aca1feb6.chunk.js Show response
booking.nailsoft.com/static/js/ 94 KB
94 KB 244ms
244ms Script
application/javascript 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/js/988.aca1feb6.chunk.js
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: d37b18aa7fa728a9165cdb740b32ec3ff1643c5e0c99c8a085cd96507f1a47fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96013
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: application/javascript
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 579.44b73883.chunk.css
booking.nailsoft.com/static/css/ 96 B
151 B 685ms
685ms Stylesheet
text/css 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/css/579.44b73883.chunk.css
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: fdc8f78c51289d1595b80d0e7a9ec15fe883a781667239c0dbae0d80acdf279b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: text/css
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 579.27fb0bea.chunk.js Show response
booking.nailsoft.com/static/js/ 16 KB
16 KB 248ms
248ms Script
application/javascript 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/static/js/579.27fb0bea.chunk.js
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: bde96a740f1bf48549ba9acbab08ed188d9a6d161fcc12a67ef12c7c8165f474

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16775
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: application/javascript
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 loading.53d89d49cf0418db4a83.gif
booking.nailsoft.com/static/media/ 137 KB
138 KB 245ms
245ms Image
image/gif 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.nailsoft.com/static/media/loading.53d89d49cf0418db4a83.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 978d606b62925ba7b28a170ca18e154fe22955454882b470546cc9592d2363cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140770
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: image/gif
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 logo.png
booking.nailsoft.com/ 40 KB
40 KB 282ms
282ms Other
image/png 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: c32a3a1be442d0524f66800302eed5c14833c169263a6786cbad49264d86cff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41203
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: image/png
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 logo.png
booking.nailsoft.com/ 40 KB
40 KB 690ms
408ms Other
image/png 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://booking.nailsoft.com/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: c32a3a1be442d0524f66800302eed5c14833c169263a6786cbad49264d86cff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41203
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: image/png
last-modified: Wednesday, 23-Oct-2024 03:58:05 GMT
server: nginx/1.18.0

GET
H2 200 UcCo3FwrK3iLTcviYwY.woff2
fonts.gstatic.com/s/inter/v18/ 71 KB
72 KB 562ms
43ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcCo3FwrK3iLTcviYwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900&family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://booking.nailsoft.com
Referer: https://fonts.googleapis.com/

Response headers

age: 104393
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 22:58:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 22:58:12 GMT
last-modified: Mon, 29 Jul 2024 22:45:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 73080
x-xss-protection: 0
server: sffe

GET
H2 200 loading.53d89d49cf0418db4a83.gif
booking.nailsoft.com/static/media/ 137 KB
138 KB 211ms
209ms Image
image/gif 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.nailsoft.com/static/media/loading.53d89d49cf0418db4a83.gif
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/static/js/main.008ea427.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 978d606b62925ba7b28a170ca18e154fe22955454882b470546cc9592d2363cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://booking.nailsoft.com/login?merchant_id=null

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140770
date: Wed, 23 Oct 2024 03:58:06 GMT
content-type: image/gif
last-modified: Wednesday, 23-Oct-2024 03:58:06 GMT
server: nginx/1.18.0

POST
H/1.1 200 NRJS-c3bf59ed190799bcdac Show response
bam.nr-data.net/1/ 180 B
632 B 424ms
260ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-c3bf59ed190799bcdac?a=1134423575&sa=1&v=1.251.1&t=Unnamed%20Transaction&rst=2539&ck=0&s=69e955bc86d42305&ref=https://booking.nailsoft.com/login&hr=0&af=err,xhr,stn,ins,spa&be=803&fe=917&dc=915&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1729655883436,%22n%22:0,%22f%22:428,%22dn%22:429,%22dne%22:463,%22c%22:463,%22s%22:473,%22ce%22:600,%22rq%22:600,%22rp%22:803,%22rpe%22:810,%22di%22:857,%22ds%22:1718,%22de%22:1718,%22dc%22:1718,%22l%22:1718,%22le%22:1720%7D,%22navigation%22:%7B%7D%7D&fp=1918&fcp=1918
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b47f9ab5e60edbedd493d495ea5c530acdd1fe6db8610fff921acd16549981e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://booking.nailsoft.com/

Response headers

access-control-expose-headers: Date
timing-allow-origin: https://booking.nailsoft.com
Connection: keep-alive
cross-origin-resource-policy: cross-origin
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://booking.nailsoft.com
Content-Length: 180
date: Wed, 23 Oct 2024 03:58:06 GMT
content-type: text/plain
x-served-by: cache-lin1730054-LIN

GET
H2 400 null Show response
api2.nailsoft.com/api/Merchant/bookingonline/ 218 B
463 B 462ms
237ms XHR
application/json 35.244.147.36
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api2.nailsoft.com/api/Merchant/bookingonline/null
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.147.36 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 36.147.244.35.bc.googleusercontent.com
Software: Kestrel /
Resource Hash: de1128f9245e02883fb06a20982c2524dc4667a24437245281e9a5a55fb10ec2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://booking.nailsoft.com/

Response headers

api-supported-versions: 1.0, 1.1, 2.0
access-control-allow-credentials: true
via: 1.1 google
x-response-time-milliseconds: 2
access-control-allow-origin: https://booking.nailsoft.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218
date: Wed, 23 Oct 2024 03:58:05 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: Kestrel

POST
H/1.1 200 NRJS-c3bf59ed190799bcdac Show response
bam.nr-data.net/resources/1/ 36 B
355 B 288ms
286ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-c3bf59ed190799bcdac?a=1134423575&sa=1&v=1.251.1&t=Unnamed%20Transaction&rst=2972&ck=0&s=69e955bc86d42305&ref=https://booking.nailsoft.com/login&st=1729655883436&hr=0&fts=1729655883436&n=26&fsh=1
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e9f7f1aca70ac43a914b91dd1b26c829ee8bafc25b54a1551078f98791025c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://booking.nailsoft.com/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://booking.nailsoft.com
Content-Length: 36
date: Wed, 23 Oct 2024 03:58:06 GMT
content-type: text/plain
x-served-by: cache-lin1730054-LIN

POST
H/1.1 200 NRJS-c3bf59ed190799bcdac Show response
bam.nr-data.net/events/1/ 24 B
342 B 274ms
273ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-c3bf59ed190799bcdac?a=1134423575&sa=1&v=1.251.1&t=Unnamed%20Transaction&rst=3267&ck=0&s=69e955bc86d42305&ref=https://booking.nailsoft.com/login&ptid=5feb89f9-0001-bd5e-8b26-0192b786530f&hr=0
Requested by: Host: booking.nailsoft.com
URL: https://booking.nailsoft.com/tracking-production.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://booking.nailsoft.com/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin: https://booking.nailsoft.com
Content-Length: 24
date: Wed, 23 Oct 2024 03:58:06 GMT
content-type: image/gif
x-served-by: cache-lin1730045-LIN

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.251.1.PROD object| newrelic object| webpackChunkns_booking_online

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api2.nailsoft.com/api/Merchant/bookingonline/null Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.nailsoft.com
bam.nr-data.net
booking.harmonypayment.com
booking.nailsoft.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
142.250.184.234
142.250.185.67
159.65.234.253
162.247.243.29
162.247.243.39
35.244.147.36
082efd949c65683b2fc4407b5484397a884bf92b1c232a64c2adac6585bd073d
0c15c3050c74fcc55027a3b22efcb59ca2011d5dfdf43290544558e3d1f33958
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
34750be04ee94d1567642e639a26875627ced53c674d5c158732d86041c94321
3e9f7f1aca70ac43a914b91dd1b26c829ee8bafc25b54a1551078f98791025c4
4e61881c2b0fcb24416fa0c8e96828a97ba376b97b91e00fc1768a32bb0a80f4
652496fefd5636678829491aa37fbcab8ee5c4eeba26fe7beca3f721e540821a
824678963ed16ca4f03fe8f70cb59abef5ce618acd05602e170a33f15104b8f4
94ebe9c247ba14fd314a779358315f3e9dd2356c0e8070f42b208db2d5e21d6a
978d606b62925ba7b28a170ca18e154fe22955454882b470546cc9592d2363cf
b47f9ab5e60edbedd493d495ea5c530acdd1fe6db8610fff921acd16549981e8
bde96a740f1bf48549ba9acbab08ed188d9a6d161fcc12a67ef12c7c8165f474
c32a3a1be442d0524f66800302eed5c14833c169263a6786cbad49264d86cff1
d0f839be9ccc29d1a41f2e791840c0a8d34266652f86809a130fefde77bb745c
d37b18aa7fa728a9165cdb740b32ec3ff1643c5e0c99c8a085cd96507f1a47fe
de1128f9245e02883fb06a20982c2524dc4667a24437245281e9a5a55fb10ec2
fdc8f78c51289d1595b80d0e7a9ec15fe883a781667239c0dbae0d80acdf279b
fe207926e03dd9e07087abcac51ac5490aa57a7bda3b6e5fcfe4baec4953d4a4

booking.nailsoft.com Open in urlscan Pro 35.244.147.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

100 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

5 IPs

1 Countries

1343 kBTransfer

1405 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

booking.nailsoft.com Open in urlscan Pro
35.244.147.36 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

1343 kB
Transfer

1405 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions