portal.mrtravel.pm-krg.com Open in urlscan Pro
66.23.234.6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portal.mrtravel.pm-krg.com/
Submission: On June 15 via api (June 15th 2024, 3:18:31 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 16 HTTP transactions. The main IP is 66.23.234.6, located in United States and belongs to IS-AS-1, US. The main domain is portal.mrtravel.pm-krg.com.
TLS certificate: Issued by R11 on June 11th 2024. Valid for: 3 months.

This is the only time portal.mrtravel.pm-krg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	66.23.234.6 66.23.234.6	19318 (IS-AS-1) (IS-AS-1)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
16	4

11 66.23.234.6 (United States)

ASN19318 (IS-AS-1, US)
PTR: plesk6700.is.cc

portal.mrtravel.pm-krg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	pm-krg.com portal.mrtravel.pm-krg.com	3 MB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 391	198 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	41 KB
16	3

	Domain	Requested by
11	portal.mrtravel.pm-krg.com	portal.mrtravel.pm-krg.com
4	maps.googleapis.com	portal.mrtravel.pm-krg.com maps.googleapis.com
1	cdnjs.cloudflare.com	portal.mrtravel.pm-krg.com
16	3

This site contains no links.

Subject Issuer	Validity	Valid
portal.mrtravel.pm-krg.com R11	`2024-06-11` - `2024-09-09`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portal.mrtravel.pm-krg.com/
Frame ID: 028577AB9A68383592336483B73469E0
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr.Travel

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

3214 kB
Transfer

5470 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
portal.mrtravel.pm-krg.com/ 815 B
777 B 858ms
516ms Document
text/html 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.mrtravel.pm-krg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 48aba03378568c5b365a6b3a1d474acd364719738d5bfbcdbaf5cb0f708c70d4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 587
content-type: text/html
date: Sat, 15 Jun 2024 03:18:25 GMT
etag: "eb2164cccabbda1:0"
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H3 200 materialdesignicons.min.css
cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/7.2.96/css/ 331 KB
41 KB 145ms
97ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/7.2.96/css/materialdesignicons.min.css

Requested by

Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 03:18:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 117830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 41626
last-modified: Sun, 19 Mar 2023 19:16:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64175f99-a29a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2mEIkGUnr%2F2t1bOacRvhbI7p6FnH25%2BhTaA5c3MoMCkfCmvSLxxpfJTOQIz9vOkGLrp0NH%2FuxTz%2FCeZpf0ObGvm89Ej4Lvu72HUaMuSHgYWictf0djk5bcyVXYR0uZcJCSK2Tr0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 893f69aace983631-FRA
expires: Thu, 05 Jun 2025 03:18:25 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 259 KB
85 KB 219ms
77ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAhYWudw_VnRfn9Chao81X1LYUraRyAkos&libraries=places

Requested by

Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

dda9f339bbcc2563b1ef89bd2d9d0f110aad6ffcffb6265bba678a22616fffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 03:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87069
x-xss-protection: 0

GET
H2 200 index-8bd2f9ab.js Show response
portal.mrtravel.pm-krg.com/assets/ 2 MB
736 KB 497ms
496ms Script
application/javascript 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.mrtravel.pm-krg.com/assets/index-8bd2f9ab.js
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d4b388e4cf56cee898b3e17017b5e2e69d1361833ffce2362db7ea2a88e1d32c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/
Origin: https://portal.mrtravel.pm-krg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:25 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "f24864cccabbda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 index-f536ff67.css
portal.mrtravel.pm-krg.com/assets/ 607 KB
125 KB 162ms
161ms Stylesheet
text/css 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f536ff67de2f4348a3887df0609309b930c0c45f876779074f3ef6faf10a0767

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:25 GMT
content-encoding: br
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "eb2164cccabbda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 136ms
57ms XHR
application/json 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhYWudw_VnRfn9Chao81X1LYUraRyAkos&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 03:18:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://portal.mrtravel.pm-krg.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 logo-dd676980.png
portal.mrtravel.pm-krg.com/assets/ 32 KB
32 KB 122ms
121ms Image
image/png 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.mrtravel.pm-krg.com/assets/logo-dd676980.png
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/login?redirect=/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dd676980d50838ab799fd2d3a328f92acc8a72fccffef5208decfce057d443d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/login?redirect=/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "d48b60cccabbda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 33079

GET
H2 200 destination-e7400941.png
portal.mrtravel.pm-krg.com/assets/ 29 KB
29 KB 121ms
120ms Image
image/png 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.mrtravel.pm-krg.com/assets/destination-e7400941.png
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/login?redirect=/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e7400941a6d6dadb5d5516b762f0450d8502a37799043cf6f1b33b39b96e603f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/login?redirect=/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "78261cccabbda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 30101

GET
H2 200 location-d90a46dc.png
portal.mrtravel.pm-krg.com/assets/ 34 KB
34 KB 119ms
119ms Image
image/png 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.mrtravel.pm-krg.com/assets/location-d90a46dc.png
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/login?redirect=/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d90a46dc99679210df37a1ff0e5f6e3f9ada0c4d5e548bea12341443d22a1519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/login?redirect=/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "78261cccabbda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 34579

GET
H2 200 animation-6ea9e440.gif
portal.mrtravel.pm-krg.com/assets/ 2 MB
2 MB 124ms
124ms Image
image/gif 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.mrtravel.pm-krg.com/assets/animation-6ea9e440.gif
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/login?redirect=/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6ea9e4400d2050a97e70660b448488374f224809c45c2ec27dc69e8fed8df884

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/login?redirect=/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "e1fa63cccabbda1:0"
x-powered-by: ASP.NET
content-type: image/gif
accept-ranges: bytes
content-length: 1942751

GET
H2 200 dewar_reg-b70a249c.woff2
portal.mrtravel.pm-krg.com/assets/ 41 KB
41 KB 723ms
722ms Font
font/x-woff2 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.mrtravel.pm-krg.com/assets/dewar_reg-b70a249c.woff2
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b70a249c54737b6fc04116feb6c62b7620a66263f7263db3074fca587b44af72

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Origin: https://portal.mrtravel.pm-krg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "78261cccabbda1:0"
x-powered-by: ASP.NET
content-type: font/x-woff2
accept-ranges: bytes
content-length: 42012

GET
H2 200 bg-login-cee4da87.jpg
portal.mrtravel.pm-krg.com/assets/ 48 KB
48 KB 120ms
120ms Image
image/jpeg 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.mrtravel.pm-krg.com/assets/bg-login-cee4da87.jpg
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cee4da870b696b86924fae4314a95f90feaab0f6e9d2a8f20aefc7bf54fbc953

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "78261cccabbda1:0"
x-powered-by: ASP.NET
content-type: image/jpeg
accept-ranges: bytes
content-length: 48945

GET
H2 200 primeicons-3824be50.woff2
portal.mrtravel.pm-krg.com/assets/ 29 KB
30 KB 611ms
610ms Font
font/x-woff2 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.mrtravel.pm-krg.com/assets/primeicons-3824be50.woff2
Requested by: Host: portal.mrtravel.pm-krg.com
URL: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3824be5040322c884634028b8cdfb1716912128cc4a1d38b4c7a93ffea2a6879

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/assets/index-f536ff67.css
Origin: https://portal.mrtravel.pm-krg.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "78261cccabbda1:0"
x-powered-by: ASP.NET
content-type: font/x-woff2
accept-ranges: bytes
content-length: 30180

GET
H2 200 logo-dd676980.png
portal.mrtravel.pm-krg.com/assets/ 32 KB
0 0ms
0ms Other
image/png 66.23.234.6
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.mrtravel.pm-krg.com/assets/logo-dd676980.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.23.234.6 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: plesk6700.is.cc
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: dd676980d50838ab799fd2d3a328f92acc8a72fccffef5208decfce057d443d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/login?redirect=/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 15 Jun 2024 03:18:26 GMT
last-modified: Tue, 11 Jun 2024 06:44:24 GMT
server: Microsoft-IIS/10.0
etag: "d48b60cccabbda1:0"
x-powered-by: ASP.NET
content-type: image/png
accept-ranges: bytes
content-length: 33079

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/ 257 KB
56 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhYWudw_VnRfn9Chao81X1LYUraRyAkos&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec23098ad4d84b8087d5239d10508d850fc630a6191d7426be9eee708c61acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57504
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 17:15:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:15:47 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/ 182 KB
56 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhYWudw_VnRfn9Chao81X1LYUraRyAkos&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8605845bf610f6d4932e2c9d3f169976e1195b4b6b0fd9ea2dabc25906812bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://portal.mrtravel.pm-krg.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 205363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57111
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 17:15:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:15:47 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://portal.mrtravel.pm-krg.com/login?redirect=/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
maps.googleapis.com
portal.mrtravel.pm-krg.com
104.17.24.14
172.217.18.106
2a00:1450:4001:802::200a
66.23.234.6
3824be5040322c884634028b8cdfb1716912128cc4a1d38b4c7a93ffea2a6879
48aba03378568c5b365a6b3a1d474acd364719738d5bfbcdbaf5cb0f708c70d4
6ea9e4400d2050a97e70660b448488374f224809c45c2ec27dc69e8fed8df884
8605845bf610f6d4932e2c9d3f169976e1195b4b6b0fd9ea2dabc25906812bc8
aec23098ad4d84b8087d5239d10508d850fc630a6191d7426be9eee708c61acb
b70a249c54737b6fc04116feb6c62b7620a66263f7263db3074fca587b44af72
b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cee4da870b696b86924fae4314a95f90feaab0f6e9d2a8f20aefc7bf54fbc953
d4b388e4cf56cee898b3e17017b5e2e69d1361833ffce2362db7ea2a88e1d32c
d90a46dc99679210df37a1ff0e5f6e3f9ada0c4d5e548bea12341443d22a1519
dd676980d50838ab799fd2d3a328f92acc8a72fccffef5208decfce057d443d3
dda9f339bbcc2563b1ef89bd2d9d0f110aad6ffcffb6265bba678a22616fffd0
e7400941a6d6dadb5d5516b762f0450d8502a37799043cf6f1b33b39b96e603f
f536ff67de2f4348a3887df0609309b930c0c45f876779074f3ef6faf10a0767

portal.mrtravel.pm-krg.com Open in urlscan Pro 66.23.234.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

3214 kBTransfer

5470 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

portal.mrtravel.pm-krg.com Open in urlscan Pro
66.23.234.6 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

3214 kB
Transfer

5470 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions