URL: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Submission: On April 07 via manual from BE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 190.56.164.246, located in Guatemala City, Guatemala and belongs to Telgua, GT. The main domain is boletines.clarktours.com.gt.
This is the only time boletines.clarktours.com.gt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
4         190.56.164.246    14754 (Telgua)
4         2a03:2880:f11...  32934 (FACEBOOK)
Total: 8 requests, 2 IPs

Requests  Apex Domain        Subdomains                   Transfer
4         facebook.com       www.facebook.com             138 KB
4         clarktours.com.gt  boletines.clarktours.com.gt  325 KB
Total: 8 requests, 2 apex domains

Requests  Domain                       Requested by
4         www.facebook.com             boletines.clarktours.com.gt, www.facebook.com
4         boletines.clarktours.com.gt  boletines.clarktours.com.gt
Total: 8 requests, 2 domains

This site contains links to these domains.

Domain
www.clarktours.com.gt
www.youtube.com
twitter.com
www.facebook.com

Subject         Issuer                                  Validity                 Valid
*.facebook.com  DigiCert SHA2 High Assurance Server CA  2021-02-10 - 2021-05-10  3 months

This page contains 2 frames:

Primary Page: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Frame ID: 936472ABD85EE507195159FF186352F2
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
Frame ID: F9C8FCE84153EA5A0C14B7ED67640B17
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

Requests: 8
HTTPS: 50 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 463 kB
Size: 836 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt HTTP 307
  • https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request feb-offergua4.html
boletines.clarktours.com.gt/boletines/html/2021/misc/
3 KB
2 KB
Document
General
Full URL
http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Protocol
HTTP/1.1
Server
190.56.164.246 Guatemala City, Guatemala, ASN14754 (Telgua, GT),
Reverse DNS
mail.clarktours.com.gt
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9c64d5c9fa6844205342681621ee67d676962108329fd2af71d405cbbd804418

Request headers

Host
boletines.clarktours.com.gt
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Mon, 15 Feb 2021 03:26:04 GMT
Accept-Ranges
bytes
ETag
"d85aa64a4a3d71:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Date
Wed, 07 Apr 2021 08:52:08 GMT
Content-Length
1592
Antigua-Feb1.jpg
boletines.clarktours.com.gt/boletines/images/2021/wholesaler/
280 KB
280 KB
Image
General
Full URL
http://boletines.clarktours.com.gt/boletines/images/2021/wholesaler/Antigua-Feb1.jpg
Requested by
Host: boletines.clarktours.com.gt
URL: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Protocol
HTTP/1.1
Server
190.56.164.246 Guatemala City, Guatemala, ASN14754 (Telgua, GT),
Reverse DNS
mail.clarktours.com.gt
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1853506f81c13b0915d94910323410f2fd972ce4f3490e04e6540b61d444dcb8

Request headers

Referer
http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 08:52:08 GMT
Last-Modified
Mon, 15 Feb 2021 03:23:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f94f3be6493d71:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
286245
logoreceptivo.jpg
boletines.clarktours.com.gt/boletines/images/
38 KB
39 KB
Image
General
Full URL
http://boletines.clarktours.com.gt/boletines/images/logoreceptivo.jpg
Requested by
Host: boletines.clarktours.com.gt
URL: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Protocol
HTTP/1.1
Server
190.56.164.246 Guatemala City, Guatemala, ASN14754 (Telgua, GT),
Reverse DNS
mail.clarktours.com.gt
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1355dbde808db003549935a684ff759523a0071c53fb54c903447da22c32ac37

Request headers

Referer
http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 08:52:08 GMT
Last-Modified
Sun, 29 Nov 2020 09:22:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"86aa1f1e31c6d61:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
39255
social-bar.jpg
boletines.clarktours.com.gt/boletines/images/
4 KB
4 KB
Image
General
Full URL
http://boletines.clarktours.com.gt/boletines/images/social-bar.jpg
Requested by
Host: boletines.clarktours.com.gt
URL: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Protocol
HTTP/1.1
Server
190.56.164.246 Guatemala City, Guatemala, ASN14754 (Telgua, GT),
Reverse DNS
mail.clarktours.com.gt
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5f455ef19a47da567ad835ef5fd6d1995fb34e6a8cb45670ebdada4ff1096c30

Request headers

Referer
http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 08:52:08 GMT
Last-Modified
Tue, 19 Aug 2014 14:39:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"04b7b69bbbbcf1:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4356
like.php
www.facebook.com/plugins/ Frame F9C8
Redirect Chain
  • http://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
  • https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
32 KB
13 KB
Document
General
Full URL
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
Requested by
Host: boletines.clarktours.com.gt
URL: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e84ad1982f42b6846de3048afe924989e5b19cc5c818656f3abdb24e88e12bf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https://www.facebook.com/clarktours.gt
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://boletines.clarktours.com.gt/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
60G8tfy6n4hgmfwZ6TxFy8X9p783TaALzy7ALeIHlIYaSo05/5LFGdKNXuH3ZzrWAEw0aeaEGLlxFXzVHWXJew==
date
Wed, 07 Apr 2021 08:52:45 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
Non-Authoritative-Reason
HSTS
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame F9C8
400 B
682 B
Image
General
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
JC5YPl1Sza8srqK5QAwwdZeBywXY/mWD6/8cxCvJoePFcjrbkYH/bw0oIJqbPDEpgmNc4HJdwmHeEj8y4zrH5w==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 06 Apr 2021 07:28:02 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Wed, 06 Apr 2022 07:28:02 GMT
GokaFwoStnJ.js
www.facebook.com/rsrc.php/v3iEpO4/y-/l/en_US/ Frame F9C8
478 KB
124 KB
Script
General
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/y-/l/en_US/GokaFwoStnJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a7c1a4a37625228b06dfcb048c61fb2896cb3108b7aaffb553bb0d7b47c5e8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 22:22:15 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ca9axHV6UZ5JaXPPwpa+Gg==
cross-origin-resource-policy
cross-origin
content-length
126419
x-fb-rlafr
0
x-fb-debug
JjAlKhgNHFOtdyrrV6bFqf/KjdLgKRfdQ6k262aBAb2eIThwmVtGUVMuD3B9qrNbp0Ay3Zz5uU1Evo7DXcyLiw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 06 Apr 2022 22:22:15 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame F9C8
67 B
965 B
Image
General
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1617785565041&t_start=1617785565042&t_domcontent=1617785565045&t_layout=1617785565104&t_onload=1617785565104&t_paint=1617785565104&t_creport=1617785565104&t_tti=1617785565045&lid=6948336095317086570-0
Requested by
Host: boletines.clarktours.com.gt
URL: http://boletines.clarktours.com.gt/boletines/html/2021/misc/feb-offergua4.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/clarktours.gt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
4Gk/Gd0UcrgTPuH8VAKRMrVdWbvOL14cHiMlSdkwD60BRi7pmaEeBjNT1HkwFB+bJXee+lBVBE4T1H6RV5H+ww==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 07 Apr 2021 08:52:45 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| trustedTypes
  • boolean| crossOriginIsolated

0 Cookies