geniuspos-booking.com.my
Open in
urlscan Pro
52.5.68.209
Public Scan
URL:
https://geniuspos-booking.com.my/
Submission: On March 30 via automatic, source certstream-suspicious — Scanned from DE
Submission: On March 30 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 2 IPs
in 1 countries
across 2 domains to perform 12 HTTP transactions.
The main IP is 52.5.68.209, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is geniuspos-booking.com.my.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 25th 2022. Valid for: a year.
This is the only time geniuspos-booking.com.my was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 25th 2022. Valid for: a year.
This is the only time geniuspos-booking.com.my was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 52.5.68.209 52.5.68.209 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 11 | 2600:9000:223... 2600:9000:223d:d200:b:a69b:4c00:21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 12 | 2 |
1
52.5.68.209
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-68-209.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-68-209.compute-1.amazonaws.com
| geniuspos-booking.com.my |
11
2600:9000:223d:d200:b:a69b:4c00:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| dkxj8skx6o8xc.cloudfront.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
cloudfront.net
dkxj8skx6o8xc.cloudfront.net |
188 KB |
| 1 |
geniuspos-booking.com.my
geniuspos-booking.com.my |
3 KB |
| 12 | 2 |
| Domain | Requested by | |
|---|---|---|
| 11 | dkxj8skx6o8xc.cloudfront.net |
geniuspos-booking.com.my
|
| 1 | geniuspos-booking.com.my | |
| 12 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.geniuspos-booking.com.my Sectigo RSA Domain Validation Secure Server CA |
2022-03-25 - 2023-04-25 |
a year | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://geniuspos-booking.com.my/
Frame ID: 8D9DB62002228E08846F9ABFF35DFE16
Requests: 12 HTTP requests in this frame
Screenshot
Page Title
GeniusPOSDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
geniuspos-booking.com.my/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.5.1.min.js
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/resources/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.js
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/resources/jquery/ |
426 KB 105 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/assets/css/ |
97 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
signin.css
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/assets/css/ |
792 B 673 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select2.min.css
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/resources/select2/ |
15 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
select2-bootstrap.css
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/resources/select2/ |
22 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.8.24.custom.css
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/resources/jquery/css/smoothness/ |
32 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ladda-themeless.min.css
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/assets/css/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spin.min.js
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/assets/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ladda.min.js
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/assets/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpco.png
dkxj8skx6o8xc.cloudfront.net/gpcloudsync/images/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| DP_jQuery_1680175899598 function| Spinner object| Ladda1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| geniuspos-booking.com.my/ | Name: booking_session Value: a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%221512d3ef4410dcc001af843f880e2f6d%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22138.199.38.132%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F111.0.5563.146%20Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1680175898%3B%7D3d1c6002cf9b5938d14e05293610c86c |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dkxj8skx6o8xc.cloudfront.net
geniuspos-booking.com.my
2600:9000:223d:d200:b:a69b:4c00:21
52.5.68.209
15eeab0be27290f42d792634296412da4d828278435376c66b5ee17557f4f8fa
308b1eee7a3334b8b7b0278128609357f58ee3e5ffe668e5c37b201815547ca6
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
52f821fe1a2c14d81c7bf333489aadba49fb391a699c9ae726d00b812087f004
578ae224260d3351c96ad26e31ab5cae6b9db49a6a43ef0aaef5aa9942c6fc34
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
6c622bd9e40cb6e0cc09b5a7e851de29f65efd7b455355ca105122143f0b131b
9484d1038a971b2bc68dd0a6086eec2d71d9ec63ef4365a328b594c446343fbc
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
d7c0ccdbbc4317eaf7ad7b625c9a903e82924d40665e12a7fadb1d02da9ae555
e1c0d02f4e5c048a97742cabcedcf3b5d605cb9bf23d34f2f6a94bef04b89ccb
fdff2ad7570b10f538327a06badce4a92b4415d92e42625b5e014620c6ea5226