booking.partner-panel.network Open in urlscan Pro
2606:4700:3033::6815:2b68 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://booking.partner-panel.network/sing-in/
Submission: On February 08 via api (February 8th 2024, 3:23:21 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6815:2b68, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking.partner-panel.network.
TLS certificate: Issued by E1 on January 30th 2024. Valid for: 3 months.

This is the only time booking.partner-panel.network was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3033::6815:2b68		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

12 2606:4700:3033::6815:2b68 (United States)

ASN13335 (CLOUDFLARENET, US)

booking.partner-panel.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	partner-panel.network booking.partner-panel.network	88 KB
13	1

	Domain	Requested by
12	booking.partner-panel.network	booking.partner-panel.network
13	1

This site contains links to these domains. Also see Links.

Domain
account.booking.com
partner.booking.com

Subject Issuer	Validity	Valid
partner-panel.network E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://booking.partner-panel.network/sing-in/
Frame ID: 64BFA42C89CF953377BFE7804ACDE048
Requests: 12 HTTP requests in this frame

Frame: https://booking.partner-panel.network/sing-in/index_1.html
Frame ID: FDD0F1F18B6FA37A3462F66E4B6A6E73
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in | Booking.com

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

92 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

88 kB
Transfer

402 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://account.booking.com/sign-in?op_token=EgVvYXV0aCJHChQ2Wjcyb0hPZDM2Tm43emszcGlyaBIJYXV0aG9yaXplGhpodHRwczovL2FkbWluLmJvb2tpbmcuY29tLyoCe31CBGNvZGUqEjCX1tujpswmOgBCAFjRhbGpBg

Search URL Search Domain Scan URL

URL: https://partner.booking.com/node/2170?utm_source=account&utm_medium=support_link

Search URL Search Domain Scan URL

URL: https://account.booking.com/account-recovery/options?op_token=EgVvYXV0aCJHChQ2Wjcyb0hPZDM2Tm43emszcGlyaBIJYXV0aG9yaXplGhpodHRwczovL2FkbWluLmJvb2tpbmcuY29tLyoCe31CBGNvZGUqEjCRwqiyysomOgBCAFj0-4-pBg
Title: Having trouble signing in?

Search URL Search Domain Scan URL

URL: https://partner.booking.com/en-us?utm_source=extranet_login_page
Title: Partner Help

Search URL Search Domain Scan URL

URL: https://account.booking.com/register?op_token=EgVvYXV0aCJHChQ2Wjcyb0hPZDM2Tm43emszcGlyaBIJYXV0aG9yaXplGhpodHRwczovL2FkbWluLmJvb2tpbmcuY29tLyoCe31CBGNvZGUqEjCX1tujpswmOgBCAFjRhbGpBg
Title: Create your partner account

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.partner-panel.network/sing-in/	91 KB 16 KB	328ms 239ms	Document text/html	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f1283f64f6b5897494e8d0421f0ff249628e060757766b04e8ed8a9c40fa03b4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8524df6bcec415cb-EWR content-encoding br content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 15:23:15 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep%2FE8mlzhyn77nIZUzCRcz7HlvcFBI8yfnnZ%2FvMAVZKa1euousZULvZ8522riLxF4bMuMTXEuw54E7LW9X3ko1kO6gqcQbcqRJwEQU%2FN%2FVTha%2F6uWgT8VoXX9%2FWsZwfpfteak9aQBveKKu6DS09POBevQJNYNtIB9uDllQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	925_1975cbc2f7eaad75f590.css booking.partner-panel.network/sing-in/	90 KB 17 KB	52ms 49ms	Stylesheet text/css	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/sing-in/925_1975cbc2f7eaad75f590.css Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `96f1beb125f73c511d8b401c7cb7af1469ceed1a89003beecb8646166dc41f07` Request headers accept-language en-US,en;q=0.9 Referer https://booking.partner-panel.network/sing-in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 30 Jan 2024 12:55:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 680 etag W/"65b8f1ce-16800" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVt%2FoqftMJWSk1el8cDU4y82yOyLE384%2FCp8MbrxHgHq9J2Rz1kMZay5XsfxF634JnuRzuGac1on203YWyq8AUhKRBgARnK0hMSBKFls67vYx51aBW00rZGYBw4AwIuaF%2F%2FY4K1iuN3%2Bj5D5jxnFbVt6QYQDadBgP4QHdw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8524df6d6fba15cb-EWR alt-svc h3=":443"; ma=86400
GET H2	200	549_19b6685c719a431686fc.css booking.partner-panel.network/sing-in/	73 KB 8 KB	40ms 38ms	Stylesheet text/css	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/sing-in/549_19b6685c719a431686fc.css Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `806167d33dcf6095d8845679246e520d3cb1d6453f492712ca0096bf43517849` Request headers accept-language en-US,en;q=0.9 Referer https://booking.partner-panel.network/sing-in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 30 Jan 2024 12:55:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 680 etag W/"65b8f1cd-12250" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z%2BDKntOOQFwfTWcA14yBpEAUWEjTxtjpX43BdxmwB9boXdNL9AKQJXpew5fmvq0m1Ey6evFo0SmIgVTUZq8Arc4cK31Ei700dxb2Mw4L7Fjm4uL8AUBirYWVVZeTDY230TXfgi5Iya01IjmgD8%2ByPK51%2FABePUoi66IbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8524df6d6fbc15cb-EWR alt-svc h3=":443"; ma=86400
GET H2	200	826_870c205e4e40b913b2fc.css booking.partner-panel.network/sing-in/	60 KB 13 KB	42ms 41ms	Stylesheet text/css	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/sing-in/826_870c205e4e40b913b2fc.css Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e27699587add2db711900ce3fe3eb78eb8c3ea99948cc1b673c6e49d392f66b` Request headers accept-language en-US,en;q=0.9 Referer https://booking.partner-panel.network/sing-in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 30 Jan 2024 12:55:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 680 etag W/"65b8f1cd-ef64" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU7GckxUrIStrb7NP9sk36rSIIkwSidFOoKJ4axqOTpT1mURWCmOt1jUXetBFOboTL1hRciNOsMrX55s%2FKCclcr1wweQdHIb6DAMon2Du4xTQUjobGByR9RssLt6F8vGtuqvWoTHkks9uKgaGeUp%2BbmsIzCFA1DC072pbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8524df6d6fbe15cb-EWR alt-svc h3=":443"; ma=86400
GET H2	200	us.png booking.partner-panel.network/sing-in/	642 B 990 B	236ms 232ms	Image image/png	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://booking.partner-panel.network/sing-in/us.png Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8` Request headers accept-language en-US,en;q=0.9 Referer https://booking.partner-panel.network/sing-in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:15 GMT cf-cache-status REVALIDATED last-modified Tue, 30 Jan 2024 12:55:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65b8f1d1-282" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=787hciU4uGY1A4CfKDsQUcQagXy9cI69pHaFVCkoDCynoetvAIAvBxjbZP9pclOpsw8MNqOXv%2F%2FKl2E1eta%2Ffr1pM9QazARtuLlTuIef2wsgdbaZJGs%2Fz%2FMMiN7dH8iU8gqNCRVszPpK4VVtkRJrxxfBilQ0gLYxVwSxDQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8524df6de81215cb-EWR alt-svc h3=":443"; ma=86400 content-length 642
GET H2	200	index_1.html Show response booking.partner-panel.network/sing-in/ Frame FDD0	196 B 443 B	143ms 143ms	Document text/html	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/sing-in/index_1.html Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3af3d6d57909bccc491baeb4247e72167526788f8bfb8942432ea390ed9b5dd4` Request headers Referer https://booking.partner-panel.network/sing-in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8524df6ed8d415cb-EWR content-encoding br content-type text/html; charset=UTF-8 date Thu, 08 Feb 2024 15:23:15 GMT last-modified Tue, 30 Jan 2024 12:55:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4hQVTeVlNqWF0fxbXwkr9Jh4%2FJGnAeG68wvrM7NvZiIEBvKO29HdcQq7vnFQq9fH2v%2FNfiGr2OeynPvfEKhzzBSHAffM2sFrC0y3Sr3HT%2FtBijRq6gwVh4X%2BNdYTQxTelaE3L%2Buf5QEV5SBklJwTnXEreXLtoK3TE4qaA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	etnht.gif booking.partner-panel.network/sing-in/	35 B 382 B	231ms 230ms	Image image/gif	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://booking.partner-panel.network/sing-in/etnht.gif Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39` Request headers accept-language en-US,en;q=0.9 Referer https://booking.partner-panel.network/sing-in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:15 GMT cf-cache-status REVALIDATED last-modified Tue, 30 Jan 2024 12:55:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65b8f1ce-23" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqZQe08yTxAauRa9%2B6ZOrhZ4Gk7jqvyEayXb%2BzbTIvkLhY5Ta%2Fx6zNKE6Dh9W2%2FImdPHur7L5hJIv9iseR%2BpQSz3JyHYYhjujcaUpMGXMWdKEB%2BM6QykgQNdQJaIGhaYxW2HtnOA2rJ2BOx8LZ2mO45%2BdjMdIrppnLUseQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 8524df6de81515cb-EWR alt-svc h3=":443"; ma=86400 content-length 35
GET H3	200	jquery-3.6.0.min.js Show response booking.partner-panel.network/	87 KB 32 KB	226ms 226ms	Script application/javascript	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/jquery-3.6.0.min.js Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/sing-in/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers accept-language en-US,en;q=0.9 Referer https://booking.partner-panel.network/sing-in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:15 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 30 Jan 2024 12:55:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65b8f1c9-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qRCxrTq%2FtIy0cmm0ZqmXczjnRnrA0PoLIH3%2BqwB8dT5lSV9RBU6Nuz9I0%2B7EpeLmtcKh0Agh8OVl6Fk2rdPPdIKExSE502MoFGN7pXWI9SEeFH5cIimMLQIVi%2FaWqIYu3jNmpJUj%2BqZ4MP3FNja1nt9UL4yvstjdOtApNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 8524df6f1ba20f4f-EWR alt-svc h3=":443"; ma=86400
POST H3	200	get.php Show response booking.partner-panel.network/	11 B 448 B	233ms 232ms	XHR text/html	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/get.php Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/jquery-3.6.0.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `392a56ff632ab759bff4deb8945cc46fbd9c674292be5c974b3ab1fd0a940c6c` Request headers Accept / Referer https://booking.partner-panel.network/sing-in/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwH7SunEbs0QFGjJtwqRIBNF3O%2F6USNTkZiye4qj7SzyTt5v%2BOS1Td%2FpBBCbHZoZ%2B01zu8Q4A10lRljVq1QYICuJuDdkKp1tCWYT7EH8aG9QiqfBlC5ldEYrIBy%2BAO8s2e2awCda21DPtlIBkdQsEQ8UipYhQUp9VsgMhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8524df771ad50f4f-EWR alt-svc h3=":443"; ma=86400
POST H3	200	get.php Show response booking.partner-panel.network/	11 B 445 B	137ms 136ms	XHR text/html	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/get.php Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/jquery-3.6.0.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `392a56ff632ab759bff4deb8945cc46fbd9c674292be5c974b3ab1fd0a940c6c` Request headers Accept / Referer https://booking.partner-panel.network/sing-in/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:18 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVmXyRuw9U71BoicOPDwerw7p50Qp7apj3YmLu34kkfAequJ3WMLlj4KFD5S1ADPx3673qqVsjmUk3e75wIHLuV1%2FMPGfjT%2Fm6UL69JbqlaQhGiJ1VJA5yHRavb51cQPRjksephwD6CfYgpFLqxftrdLzWmXXnWsFsiPog%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8524df7d48560f4f-EWR alt-svc h3=":443"; ma=86400
POST H3	200	get.php Show response booking.partner-panel.network/	11 B 448 B	137ms 136ms	XHR text/html	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/get.php Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/jquery-3.6.0.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `392a56ff632ab759bff4deb8945cc46fbd9c674292be5c974b3ab1fd0a940c6c` Request headers Accept / Referer https://booking.partner-panel.network/sing-in/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoQihTIg6LphwyxCw0zIlmfmZsvJnn%2Bqwhd5y9fej9G%2FgPS2M%2Bz7nCzYyMN905UOU4PQq4vnxgTTxZmz47FzwowWYQ225gjjexE7l7gVzdt43fMUqBeNNJXhjPzsTwBTgW2RDHPe55hCbpdYPI40xkASuRMwzdvqu0esiw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8524df838fb50f4f-EWR alt-svc h3=":443"; ma=86400
POST H3	200	get.php Show response booking.partner-panel.network/	11 B 452 B	141ms 140ms	XHR text/html	2606:4700:3033::6815:2b68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.partner-panel.network/get.php Requested by Host: booking.partner-panel.network URL: https://booking.partner-panel.network/jquery-3.6.0.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:2b68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `392a56ff632ab759bff4deb8945cc46fbd9c674292be5c974b3ab1fd0a940c6c` Request headers Accept / Referer https://booking.partner-panel.network/sing-in/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Thu, 08 Feb 2024 15:23:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcHfaich62Vr4jKpcaCnk579243WysdNUsll%2FCa8f8VWKH9lnm%2F%2Fc0Nk3etiltMXNVt6Jt22zgY6IrpOuw1XAlAQ4%2FpnpmXVmApVNG6EwjTmG2graPPEwDUvErA4QYPWhn4THvT%2FmVVkSw%2Bz2IkAKm%2BCEGPWFaPBZor%2FUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8524df89cd1a0f4f-EWR alt-svc h3=":443"; ma=86400
POST		get.php booking.partner-panel.network/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: booking.partner-panel.network
URL: https://booking.partner-panel.network/get.php

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			booking.partner-panel.network/	1969-12-31 23:59:59	Name: PHPSESSID Value: saufsmudrl3aejq5b9ern1u93m

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.partner-panel.network
booking.partner-panel.network
2606:4700:3033::6815:2b68
0e27699587add2db711900ce3fe3eb78eb8c3ea99948cc1b673c6e49d392f66b
392a56ff632ab759bff4deb8945cc46fbd9c674292be5c974b3ab1fd0a940c6c
3af3d6d57909bccc491baeb4247e72167526788f8bfb8942432ea390ed9b5dd4
806167d33dcf6095d8845679246e520d3cb1d6453f492712ca0096bf43517849
96f1beb125f73c511d8b401c7cb7af1469ceed1a89003beecb8646166dc41f07
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8
f1283f64f6b5897494e8d0421f0ff249628e060757766b04e8ed8a9c40fa03b4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

booking.partner-panel.network Open in urlscan Pro 2606:4700:3033::6815:2b68 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

88 kBTransfer

402 kBSize

1 Cookies

5 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

Indicators

booking.partner-panel.network Open in urlscan Pro
2606:4700:3033::6815:2b68 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

88 kB
Transfer

402 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!