booking.com-find-1215.com
2606:4700:3031::ac43:b75c  Malicious Activity! Public Scan

URL: http://booking.com-find-1215.com/p/6134932669
Submission: On January 24 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3031::ac43:b75c, located in United States and belongs to CLOUDFLARENET, US. The main domain is booking.com-find-1215.com.
This is the only time booking.com-find-1215.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

IP Address AS Autonomous System
1 18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 13.35.77.38 ()
1 13.225.195.114 ()
20 4
Apex Domain, Subdomains, Transfer
  • 18 com-find-1215.com (230 KB): booking.com-find-1215.com
  • 2 booking.com (650 B): booking.com, www.booking.com
  • 1 cloudflare.com (6 KB): cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
  • 1 bstatic.com (102 KB): q-xx.bstatic.com — Cisco Umbrella Rank: 15869
20 4
Domain Requested by
18 booking.com-find-1215.com 1 redirects booking.com-find-1215.com
1 www.booking.com
1 booking.com 1 redirects
1 cdnjs.cloudflare.com booking.com-find-1215.com
1 q-xx.bstatic.com booking.com-find-1215.com
20 5

This site contains no links.

Subject, Issuer, Validity, Valid
  • *.bstatic.com, DigiCert Global G2 TLS RSA SHA256 2020 CA1, 2023-11-29 - 2024-11-28, a year
  • sni.cloudflaressl.com, Cloudflare Inc ECC CA-3, 2023-07-03 - 2024-07-02, a year

This page contains 2 frames:

Primary Page: http://booking.com-find-1215.com/p/6134932669
Frame ID: DAD94B476C176358E80DE47619C9F5C3
Requests: 11 HTTP requests in this frame

Frame: http://booking.com-find-1215.com/chat/6134932669
Frame ID: E0ED40048111296F18532535A3DA1EF6
Requests: 9 HTTP requests in this frame

Page Title

Booking.com | Official site | The best hotels & accommodation

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 20
  • HTTPS: 10 %
  • IPv6: 60 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 4
  • Countries: 1
  • Transfer: 338 kB
  • Size: 6439 kB
  • Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://booking.com-find-1215.com/chat/%7Bimage%7D HTTP 302
  • https://booking.com/ HTTP 301
  • https://www.booking.com/

20 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request 6134932669
booking.com-find-1215.com/p/
98 KB
18 KB
Document
General
Full URL
http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
729c990ab0fc18a6de1c110e5e3f6af1cac190caa9361a0afaf84c22f6633fce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84ab2d98fa126aed-BUF
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Jan 2024 20:55:35 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2U7jvS4lo7jxqEUFan6vbNi1fOc63uN5fy33P0xNGfO4pl9Oi6HKCWex9duPOZUsF3lBNwDOG51HjrOgVIGenK3e1RwP3IexfwJKM0LOHsUN1gYLpzCJw9PSKvF4WdV7rf%2FL3dw2TgfHrW17%2FtAO0WjqegeD0W3U"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
styles3.css
booking.com-find-1215.com/css/booking1/
34 KB
8 KB
Stylesheet
General
Full URL
http://booking.com-find-1215.com/css/booking1/styles3.css
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc052d928f0a7507aba9d381da1f927298df5c0cb802d302a77ba196d9f47317

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/p/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:35 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1aa-8950"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uk8U0s38shVKTubr7n0TcZErB9fWRMrW0oBNd4a%2Fwbnoqpj0XTyk7hF4bUBNG%2FDBEo49VCTV3YpBHMSEAuwa0AmOiThPDH5%2B32StsushzUURrTPRVq6H7H7Om0s8sA%2FB5edAggmKwo%2FaZR3uvT%2BMVhREdHDqgmyR"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2d9ddea66aed-BUF
alt-svc
h3=":443"; ma=86400
chat.css
booking.com-find-1215.com/build/
3 KB
1 KB
Stylesheet
General
Full URL
http://booking.com-find-1215.com/build/chat.css
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/p/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:35 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:52 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1c8-a0e"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXvuSI5inUcCPMxkzrrYlukbj4R08DhAXBqpwYHb90eyXUTc2ggIAIYK1ZqSDsbjp52%2BVmFE4H%2BGfCEXz4uOOiffLowPAZQj0dE6VZ187AaBjtVEEhARgiuvwFuMLvTzDZacWkgroApDw1YxISgO5N9ztAaWy5mL"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2d9de84b4bd8-BUF
alt-svc
h3=":443"; ma=86400
submit.js
booking.com-find-1215.com/css/booking1/
22 KB
5 KB
Script
General
Full URL
http://booking.com-find-1215.com/css/booking1/submit.js
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd9d78e7013b1d96cf305c9010d521a75f0bfabc5a0d79d46acc6d60b85ac82

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/p/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:35 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1aa-56f2"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaQAk6vJ2XHsCiSy9RRmejvLTDQZt3HWKuHNK0BkZvVYZvKDPUx4a6rLWea9FjsLA7Zgcb3wYb1rxBc%2B2T%2BAHwMt%2BNXaV4zk4wXjgz86KYOskvb5CVJ8ZtEuRiZyfIvQbTr8XmP5%2BtrLjvByp7y23AdT0TNra5qr"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2d9f79944bd8-BUF
alt-svc
h3=":443"; ma=86400
blur_input.js
booking.com-find-1215.com/css/booking1/
21 KB
4 KB
Script
General
Full URL
http://booking.com-find-1215.com/css/booking1/blur_input.js
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eaae12a5b85c3a24efd4d581e61ef3773befd9f64b1421c678038bf17c559ba

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/p/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:35 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:21 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1a9-5465"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZryCSxOXyg97nsz4gVrJS6xewKtYrqN4vyFM8PzdXXTgmaBEJNx5%2BP%2BWuzmGvu2H%2FysDinUOC40ApioPcpWOKXWxEuBJZmaLQX5jEuDiXMjGya%2Fp%2BEbc%2FX%2BhTRE7iqTCLiEgoHYnyfPlQV1ck8h1sqUP%2B4Fjjvi"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2d9f79984bd8-BUF
alt-svc
h3=":443"; ma=86400
jquery.min.js
booking.com-find-1215.com/js/
87 KB
31 KB
Script
General
Full URL
http://booking.com-find-1215.com/js/jquery.min.js
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/p/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:35 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:42 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1be-15d84"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXFRmxPPUgX43GK8%2F6lFsfiBVklH1HpIDhi43ktBqduxqHVAcPNbYMq7u1e8aOQUCZYvTam%2FltMqrasb0QFyJxM8q18TvNZM9TNdV%2Fpk9UHXAQyLif8Cz7L5msh%2Bt%2Fo95LPybNOVdq3JcFhkqST9bSpZJ43B4ZZt"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2d9de84e4bd8-BUF
alt-svc
h3=":443"; ma=86400
205043862.jpg
q-xx.bstatic.com/xdata/images/hotel/max1024x768/
102 KB
102 KB
Image
General
Full URL
https://q-xx.bstatic.com/xdata/images/hotel/max1024x768/205043862.jpg?k=cb206cd7e168396fd835ece1ad72f3d0dc2e96fa39bd9ae22935f2116975d4e4&o=
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215f:600:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90e3587efe56148cca82f81bc91a2ae20e592f4f585b044f43695f5edae8df48
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:44:09 GMT
via
1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
YUL62-C2
age
108685
etag
"4cdd2cace7b389eb57eba0fe5cad2cf65aaf4e1f"
x-cache
Hit from cloudfront
content-language
103997
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
kOVYzwNabLRKQ2Z6OcetyPaIj4jFAFTONhhr8KcWeF_M84y8q8xlIA==
x-xss-protection
1; mode=block
6134932669
booking.com-find-1215.com/chat/ Frame E0ED
29 KB
9 KB
Document
General
Full URL
http://booking.com-find-1215.com/chat/6134932669
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/p/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
054cb559189af4e7987bc31ea17c5ccca9d12f0dc48246dff5c148fa3ee878a1

Request headers

Referer
http://booking.com-find-1215.com/p/6134932669
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
84ab2d9fa8456aed-BUF
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Jan 2024 20:55:35 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mh6nJ54L1Y%2BbDn46xesm7Odrzy0pJd49cBYtIhNx0XvTxL0tz9Pa6dWVURxBwHRrpB%2BmfAKCfuychHFu%2BqH3PKZEgF3%2FJc67tFHaSdMCgL4%2FzJYiXcfrAw1%2B2DqGe4nR6Tu6FayRR28o%2F37ZDqBsB3XL%2BdGlBu7"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
user_send_status.php
booking.com-find-1215.com/ajax/
0
772 B
XHR
General
Full URL
http://booking.com-find-1215.com/ajax/user_send_status.php
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://booking.com-find-1215.com/p/6134932669
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jan 2024 20:55:36 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt6ddS1WBXfcuPpFT1FcYUFCbP9SMbZIpHmYJltEcKqz5T9iCMNSsxj70JLfW9e3iqIwZUn1BKaC%2B7Zykj02rtdft1fa9y7h%2BORiXdBchR%2Fsmm2LP2ksGR38aY9Sk8BHG57xhypqeQaNYI593nGPRgBEflvE%2FbAx"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
84ab2d9fd8766aed-BUF
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
flags.png
booking.com-find-1215.com/css/booking1/img/
30 KB
31 KB
Image
General
Full URL
http://booking.com-find-1215.com/css/booking1/img/flags.png
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/css/booking1/styles3.css
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/css/booking1/styles3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:35 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:24 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6516d1ac-77d8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXTbo%2FNjJQPN8GtEILpXLplmSE7tToOjYZvMF7q4MDwpV8dxLGwVLJZfBcK4s6ajEt5kc2wGJcl46cjf32Oah5eRp7WXtCLElCBA6SQF4VmEBZAlOAMlrCvo9711SrhbYd3bHz%2FroP0vR3%2BNtQyBxhxbGvbEvO%2FI"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ab2d9fdc944bc0-BUF
alt-svc
h3=":443"; ma=86400
Content-Length
30680
chat.css
booking.com-find-1215.com/css/ Frame E0ED
106 KB
16 KB
Stylesheet
General
Full URL
http://booking.com-find-1215.com/css/chat.css
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/chat/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/chat/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:36 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1a0-1a924"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8sTqTve7GzJizEYOFC%2BRXBL3OcaoKWiqZQZMMz%2BHOxXlxL%2FPs9%2FfYIsXhdPoc0BlueJXJcs0TzCvnfVzRTeQBpsgFpL9Jk6IuaWyIBWLKBse0UeRfEAgJnvzh6x6Dp0Shk3WQn%2F77sThnjSDoA75AHdpmMgYiJQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2da37bf66aed-BUF
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame E0ED
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/chat/6134932669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 20:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4072556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfIdOPcgAsccKFMie3ric3QQeldv9RAQMhaxArqqRkJayLn5oW8FDBgTJq5hxZBrMWnK9g2Kjpo%2FjL%2B1oxldCkdqU%2F3qtsHneQ5Ko6W8GlDTEWbumVOqVXV%2FFbnEwJD%2BAC0bm0oMwyp3yoag%2FAo3bRfc"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84ab2da3d8394bbd-BUF
expires
Mon, 13 Jan 2025 20:55:36 GMT
support.png
booking.com-find-1215.com/img/ Frame E0ED
15 KB
16 KB
Image
General
Full URL
http://booking.com-find-1215.com/img/support.png
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/chat/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/chat/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:36 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 12 Nov 2023 22:37:04 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"65515390-3d12"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oef2BEut3f8XQpFiw3FQPOw0CITb0SWFdIOrW%2BAHSz4i62yneMIDakoydq1HI1vVykYkqecYbGtxq6TFC7UNbyWCfOvM4MuKGhBIpH4Az1ZFb98CUz11Fka23Ed28LxQK9CvsyZMn05eabXYJSd5aAys2NpfYVgp"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ab2da37c984bd8-BUF
alt-svc
h3=":443"; ma=86400
Content-Length
15634
support-open.png
booking.com-find-1215.com/img/ Frame E0ED
21 KB
22 KB
Image
General
Full URL
http://booking.com-find-1215.com/img/support-open.png
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/chat/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/chat/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:36 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Sun, 12 Nov 2023 22:37:04 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"65515390-5400"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IF2CEzjyNZ%2F8yGiEA8LYNsxEsm8p6YMVaUA5Rz%2FOlhcO0Jo8XPXVXRm17mZKzmUBvk3ZwiiXOA%2B34zCTxKMB5gJSSfe6QZxb4u%2F0RM0gSCZs7p22YnO19wRsaeq7uAXqrYqS%2FPuVCmLcqT6r6UF8e33UewXKs8GY"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
84ab2da37c994bd8-BUF
alt-svc
h3=":443"; ma=86400
Content-Length
21504
jquery.min.js
booking.com-find-1215.com/dist/new_card_design/ Frame E0ED
87 KB
31 KB
Script
General
Full URL
http://booking.com-find-1215.com/dist/new_card_design/jquery.min.js
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/chat/6134932669
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/chat/6134932669
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 20:55:36 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Fri, 29 Sep 2023 13:31:30 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"6516d1b2-15d84"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9sL5ZrTiAI5WC2Qfd0hXPPhY5ipLpBEkXTwjYR7fOA2c2JvA%2BkhQ%2BV3AgzL9RYbd7Fb9NEqkm8wbvKwDJmReJl4yD0rTaFxWd0I9d1EDanfVscCIt7MRI5W2kb3SDBW5K9thegoO89MT3dUkFw5aZxLwdy52MoN"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
84ab2da39c106aed-BUF
alt-svc
h3=":443"; ma=86400
msg_check.php
booking.com-find-1215.com/ajax/ Frame E0ED
6 MB
36 KB
XHR
General
Full URL
http://booking.com-find-1215.com/ajax/msg_check.php
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/dist/new_card_design/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2ec41a633ab6d48e43e1503832c220fbfa48fdd0987a4343082fccc5091c65

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://booking.com-find-1215.com/chat/6134932669
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jan 2024 20:55:37 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIj19LFd6D3tvCj4VLDxeSOTR4Vn6hGFbHCxeuU%2B1EYoNP7zmYUYduO5vO%2BSKY%2FCyANqoIvxx2%2F9gyVYNhSAaU2mKplffS9p%2BOMlo2GjjGK2PPU2PScqtnyvYcfWLxwtNXdCZ2ZwENpvZXZb9r2PDWMPyNcLl2Jg"}],"group":"cf-nel","max_age":604800}
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
84ab2da53d5d6aed-BUF
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
/
www.booking.com/ Frame E0ED
Redirect Chain
  • http://booking.com-find-1215.com/chat/%7Bimage%7D
  • https://booking.com/
  • https://www.booking.com/
0
0
Image
General
Full URL
https://www.booking.com/
Protocol
H2
Server
13.225.195.114 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://booking.com-find-1215.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Wed, 24 Jan 2024 20:55:40 GMT
strict-transport-security
max-age=86400; includeSubDomains
via
1.1 77deda202124ec17aac7cacac8230f8a.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":604800}
server
nginx
x-amz-cf-pop
BOS50-C1
content-security-policy-report-only
frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=537a93268f5c02b2&e=UmFuZG9tSVYkc2RlIyh9YdPFJGDFjZSqK4Z-4dNTMVuezFNN-jG04uG7G2eEZqBNUjF9LW57sJ4
report-to
{"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
x-cache
Miss from cloudfront
location
https://www.booking.com/
x-terms-of-service
https://www.booking.com/content/terms.html
x-amz-cf-id
jMJd5FQ7Vws58Qomt550-VWd_0lvTxxFPSo1LGbcZ0wDbjvx7jM64A==
x-xss-protection
1; mode=block
payment_card_status.php
booking.com-find-1215.com/ajax/
16 B
792 B
XHR
General
Full URL
http://booking.com-find-1215.com/ajax/payment_card_status.php
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://booking.com-find-1215.com/p/6134932669
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jan 2024 20:55:40 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaRdIcEMZYUCd0YX%2BsApp34xVVgSwE0UMYTHRuD2uCF6UntFl1H5FzcKnNVM%2FtBQqesdNOUp9lcmULcFAEnDb0z0aERZnV5Uk%2F1tMCIe2AqSiFjYWD00s5SDAKL1F5uZ4Rwqb9CynBs9lSflMkgqrCsqPHRbZXtg"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
84ab2dbeeb526aed-BUF
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
user_send_status.php
booking.com-find-1215.com/ajax/
0
774 B
XHR
General
Full URL
http://booking.com-find-1215.com/ajax/user_send_status.php
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/js/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://booking.com-find-1215.com/p/6134932669
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jan 2024 20:55:40 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlvhE5lR8%2FlbB9SzzpF7jdnMXZ%2BFVjZlZ7YCQpN3zED6NQ93MEHxdLexIwAhHhk4AR5H%2Bwrnv6mQaM4hV1xcxsPhhz90%2FBKmpfgEdCyhLuG2AqM4lDBI2f5LcdNbfkGVlrxRtawftLOH2iGYbtDt4zhQJ6P0kn9N"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
84ab2dbee8d04bd8-BUF
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT
msg_check.php
booking.com-find-1215.com/ajax/ Frame E0ED
45 B
819 B
XHR
General
Full URL
http://booking.com-find-1215.com/ajax/msg_check.php
Requested by
Host: booking.com-find-1215.com
URL: http://booking.com-find-1215.com/dist/new_card_design/jquery.min.js
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:b75c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b7286d9c464e00264643e3bd0edb9a5212cf8bc4bb547f5f17c6f5eadda7b3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://booking.com-find-1215.com/chat/6134932669
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jan 2024 20:55:41 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPtHsbFPUxnXM9ggoAgfacGGchR9jtai3esg8J0%2FercJaCvngUAf%2BEbSaxzw9SIu42XHlh0zrj9Hwsj5jsBiwUvM8XllGE4ub0iHUiiBQa12ORtLVOl704pqPSNu0HavgejChHruMjQAgIhoSUk8ZiC3LGep1BY3"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
CF-RAY
84ab2dc47fc96aed-BUF
alt-svc
h3=":443"; ma=86400
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| $
  • function| jQuery
  • number| get_status
  • function| onPage
  • function| scrollToErrorInput

1 Cookies

Domain/Path, Name / Value
  • booking.com-find-1215.com/ Name: PHPSESSID, Value: pgoo5e0kit1tqfqn9tpn1h91k3