![](/screenshots/038e674a-576e-4f6c-8ae4-fa3a49b43a73.png)
booking.partner-panel.network
Open in
urlscan Pro
2606:4700:3033::6815:2b68
Malicious Activity!
Public Scan
Submission: On February 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on January 30th 2024. Valid for: 3 months.
This is the only time booking.partner-panel.network was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Booking (Travel)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2606:4700:303... 2606:4700:3033::6815:2b68 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 2 |
ASN13335 (CLOUDFLARENET, US)
booking.partner-panel.network |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
partner-panel.network
booking.partner-panel.network |
88 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
12 | booking.partner-panel.network |
booking.partner-panel.network
|
13 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
account.booking.com |
partner.booking.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
partner-panel.network E1 |
2024-01-30 - 2024-04-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://booking.partner-panel.network/sing-in/
Frame ID: 64BFA42C89CF953377BFE7804ACDE048
Requests: 12 HTTP requests in this frame
Frame:
https://booking.partner-panel.network/sing-in/index_1.html
Frame ID: FDD0F1F18B6FA37A3462F66E4B6A6E73
Requests: 1 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Having trouble signing in?
Search URL Search Domain Scan URL
Title: Partner Help
Search URL Search Domain Scan URL
Title: Create your partner account
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
booking.partner-panel.network/sing-in/ |
91 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
925_1975cbc2f7eaad75f590.css
booking.partner-panel.network/sing-in/ |
90 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
549_19b6685c719a431686fc.css
booking.partner-panel.network/sing-in/ |
73 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
826_870c205e4e40b913b2fc.css
booking.partner-panel.network/sing-in/ |
60 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
us.png
booking.partner-panel.network/sing-in/ |
642 B 990 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_1.html
booking.partner-panel.network/sing-in/ Frame FDD0 |
196 B 443 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
etnht.gif
booking.partner-panel.network/sing-in/ |
35 B 382 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.6.0.min.js
booking.partner-panel.network/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
get.php
booking.partner-panel.network/ |
11 B 448 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
get.php
booking.partner-panel.network/ |
11 B 445 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
get.php
booking.partner-panel.network/ |
11 B 448 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
get.php
booking.partner-panel.network/ |
11 B 452 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST |
get.php
booking.partner-panel.network/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- booking.partner-panel.network
- URL
- https://booking.partner-panel.network/get.php
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Booking (Travel)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery function| getCookie function| getStatus function| saveWord1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
booking.partner-panel.network/ | Name: PHPSESSID Value: saufsmudrl3aejq5b9ern1u93m |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
booking.partner-panel.network
booking.partner-panel.network
2606:4700:3033::6815:2b68
0e27699587add2db711900ce3fe3eb78eb8c3ea99948cc1b673c6e49d392f66b
392a56ff632ab759bff4deb8945cc46fbd9c674292be5c974b3ab1fd0a940c6c
3af3d6d57909bccc491baeb4247e72167526788f8bfb8942432ea390ed9b5dd4
806167d33dcf6095d8845679246e520d3cb1d6453f492712ca0096bf43517849
96f1beb125f73c511d8b401c7cb7af1469ceed1a89003beecb8646166dc41f07
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8
f1283f64f6b5897494e8d0421f0ff249628e060757766b04e8ed8a9c40fa03b4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e