roomcustomerbookdetails441020.com
172.67.170.96  Malicious Activity! Public Scan

URL: https://roomcustomerbookdetails441020.com/6wj1py17
Submission: On May 29 via api from GB — Scanned from GB

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 172.67.170.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is roomcustomerbookdetails441020.com.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2024. Valid for: 3 months.
This is the only time roomcustomerbookdetails441020.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

Requests  IP Address     AS Autonomous System
16        172.67.170.96  13335 (CLOUDFLAR...)
1         185.57.173.91  29119 (SERVIHOST...)
1         104.17.25.14   13335 (CLOUDFLAR...)
Total: 18 requests, 3 IPs

Requests  Apex Domain                        Subdomains                                        Transfer
16        roomcustomerbookdetails441020.com  roomcustomerbookdetails441020.com                 236 KB
1         cloudflare.com                     cdnjs.cloudflare.com (Cisco Umbrella Rank: 237)   6 KB
1         avantio.com                        app.avantio.com                                   8 KB
Total: 18 requests, 3 apex domains

Requests  Domain                             Requested by
16        roomcustomerbookdetails441020.com  roomcustomerbookdetails441020.com
1         cdnjs.cloudflare.com               roomcustomerbookdetails441020.com
1         app.avantio.com                    roomcustomerbookdetails441020.com
Total: 18 requests, 3 domains

This site contains no links.

Subject                            Issuer                                          Validity                 Valid
roomcustomerbookdetails441020.com  GTS CA 1P5                                      2024-05-28 - 2024-08-26  3 months
*.avantio.com                      Sectigo RSA Domain Validation Secure Server CA  2023-12-11 - 2025-01-09  a year
sni.cloudflaressl.com              Cloudflare Inc ECC CA-3                         2023-07-03 - 2024-07-02  a year

This page contains 2 frames:

Primary Page: https://roomcustomerbookdetails441020.com/6wj1py17
Frame ID: 5F1C8774AB927FE6A52D39F70CF743C2
Requests: 10 HTTP requests in this frame

Frame: https://roomcustomerbookdetails441020.com/chat/6wj1py17
Frame ID: AE1E259C48DC2E21AA519A669F73DBAC
Requests: 8 HTTP requests in this frame

Page Title

Booking.com | Official site | The best hotels & accommodation

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 250 kB
Size: 773 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
Primary Request 6wj1py17
roomcustomerbookdetails441020.com/
98 KB
16 KB
Document
General
Full URL
https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3df952dc36380beb3c7a8ef4c7b03ee8b7e82d541e34f329cde34e9b488324dd

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88b7ed3bdee560f7-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 29 May 2024 16:40:31 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFrxpwQDtH3y66vdbsoR7ySdggjcawsKKk%2F0L9bqiBhCRsMlO5M73Pql%2FJDKW6onMUAoT2b1APEGjDYNzNrKvFeKsMz8eOD9JuFhSaLpAtJcm%2BKPVBH00QiBnBAkCxb8INS2SVf0CvomKCO6Seyc8NErSS4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
styles-new4.css
roomcustomerbookdetails441020.com/css/booking1/
34 KB
8 KB
Stylesheet
General
Full URL
https://roomcustomerbookdetails441020.com/css/booking1/styles-new4.css
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794075538b19a75df8737bf2c563b3e46741007b3277ad98fced0622d9fb84d9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c7b8-89d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ao940c%2Bel%2Bet6XnU4pInvZ3wKvtO%2B4HZ6LUp%2FYo%2FiccUXCQZnezLa4voCB13f57BLsr4QmUtu%2BBqcJgfM0ELir0mYa2BVGyG17yvzKaTT55i%2FMOwPlKhuATD378CSQ0eMdUTX2cj46QdOQIKSF3NjbylOdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88b7ed3ebaa860f7-LHR
alt-svc
h3=":443"; ma=86400
chat.css
roomcustomerbookdetails441020.com/build/
3 KB
1 KB
Stylesheet
General
Full URL
https://roomcustomerbookdetails441020.com/build/chat.css
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:05:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c776-a0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AV7dx8Iy5LUreIHn9lKq8McjvSLX3cy3W1qFScCKmBjqKvux32afBLazKMjr3eVk6V%2Fh4birBJ6caLe1K2yZq5bBVPndtNtkAW6%2BzPb%2FSt4n%2F%2FY4HbwNA%2F5res4yuRD03YTNoCzWCfA0s6VAeN%2F20NdXxp0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88b7ed3ebaaa60f7-LHR
alt-svc
h3=":443"; ma=86400
submit-new5.js
roomcustomerbookdetails441020.com/css/booking1/
23 KB
5 KB
Script
General
Full URL
https://roomcustomerbookdetails441020.com/css/booking1/submit-new5.js
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
041a9f2109ba1a8868254c924dd5462bc08c42c6b634dca04563cfad33966a78

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c7b9-5bad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylhiijtMqmJnQPu9LstQPWx8E5hzfEQj1xYdt8AF4Iy%2F9JJorhG1LatF%2FweH2FuP9tnj%2FVi9NyUTYF7YnC8ri3W1fB2cEb%2BPkBPWcgIV3QN%2BabK4N3KSO0ohnPqAa%2BVw4kmd4KxNzuI1bLoq79L6F89K0UA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88b7ed3fdc3b60f7-LHR
alt-svc
h3=":443"; ma=86400
blur_input.js
roomcustomerbookdetails441020.com/css/booking1/
21 KB
4 KB
Script
General
Full URL
https://roomcustomerbookdetails441020.com/css/booking1/blur_input.js
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eaae12a5b85c3a24efd4d581e61ef3773befd9f64b1421c678038bf17c559ba

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c7b7-5465"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5hjc7622853FdrGJOfTR7niAd8FI0XL1muzMbP7GNDS5BbmFdziFB8aVCW2SBcWB6LWu%2Bo3dvWeP%2FfggkpA6u5U8SCd8f9UHBYzOrMGKJ7zjf%2BUWSV3SeqDpm6t%2BwAqFxu8rYkydMhTNezXQhSwcHFQSTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88b7ed3fdc4960f7-LHR
alt-svc
h3=":443"; ma=86400
jquery.min.js
roomcustomerbookdetails441020.com/js/
87 KB
32 KB
Script
General
Full URL
https://roomcustomerbookdetails441020.com/js/jquery.min.js
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:07:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c7ea-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdSY9Ty2SwnPBIE%2BTl9f39wf%2BeHUXeyQ3X2MNb5opzZA6r1SakquU69QHjpHvovcG%2BtfaklwEbWM5qmiOrdn9IYQz%2BLebwQx7k%2BVwCep50OJJaMcV25xztGkOK%2BPXVeuuUmJA1H4rctYb1AZrDCXNlcGo4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88b7ed3ebaab60f7-LHR
alt-svc
h3=":443"; ma=86400
sm16135744525209b39d5ea74b7609b0679a3a0886bc.jpg
app.avantio.com/fotos/2/1613574448d2e3435ff7798fc10798d4907f2d6325/
7 KB
8 KB
Image
General
Full URL
https://app.avantio.com/fotos/2/1613574448d2e3435ff7798fc10798d4907f2d6325/sm16135744525209b39d5ea74b7609b0679a3a0886bc.jpg
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.57.173.91 , Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx /
Resource Hash
2655b0f05fecb0f1adb01c14164834b9f12d3e5b3049b286ef3d07b282473e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 29 May 2024 16:40:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 17 Feb 2021 15:07:33 GMT
Server
nginx
ETag
"602d3135-1d8d"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7565
X-XSS-Protection
1; mode=block
6wj1py17
roomcustomerbookdetails441020.com/chat/ Frame AE1E
29 KB
9 KB
Document
General
Full URL
https://roomcustomerbookdetails441020.com/chat/6wj1py17
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae6fedd0f1b49eb5892621be61ceefaba73579643573bf449e4f022bc7c59fe

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88b7ed3fec5560f7-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 29 May 2024 16:40:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0fcOS0hpyKIj%2Fw0Tq3ee6e6ZtCf35IAKcGwaZW1744zLog6DmOBkPq9PiiqP8NY%2BEVLBMflrrBeyYcRe9d%2BmWZvIwMJIG6YpTSX3aDBvIZZNbD7B7y2hTm3NPKlqdAMO54u8I8GzxC2hGzWW2uqSGWJhZA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_send_status.php
roomcustomerbookdetails441020.com/ajax/
0
495 B
XHR
General
Full URL
https://roomcustomerbookdetails441020.com/ajax/user_send_status.php
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kesNI0vubNnA393h0ckg1nFSxRDIkRjSRP5y2wz1SzKbO4aw%2Ft4gPm7x%2BcJSoalmLw5xpQrZ%2B%2BUMTnS6k%2FBQWuDa1VbXfhXTbgbTw9AJVR%2FuEewnmWqd%2FpaK61UXE3RSfeT1bqVqeo4us%2FXaid3CDfl6FPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
88b7ed3fec5760f7-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
flags.png
roomcustomerbookdetails441020.com/css/booking1/img/
30 KB
30 KB
Image
General
Full URL
https://roomcustomerbookdetails441020.com/css/booking1/img/flags.png
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/css/booking1/styles-new4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/css/booking1/styles-new4.css
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6638c7bc-77d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyscACvAaNfBdENdlWO3cV6AjYfkDf6KWKPY%2BDtiJ7w%2BSyNTv6YCLSgjOjNGZuuUdeGWTh5GH44sTQ8qqjuk6fWSG7ODw1rnTwT7PthxzDcsbz17ADtL%2BYAw3Dv4ypNdAGoZyFKUzHiDUiXEz%2BZgCaMfCyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88b7ed3fec5b60f7-LHR
alt-svc
h3=":443"; ma=86400
content-length
30680
chat.css
roomcustomerbookdetails441020.com/css/ Frame AE1E
106 KB
17 KB
Stylesheet
General
Full URL
https://roomcustomerbookdetails441020.com/css/chat.css
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/chat/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/chat/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:05:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c7a3-1a924"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZM9ZTBtmtWNB5quDiuk9huHVfFjWGEcYy9cFhzhdTp7Q5EWk%2BaIkRWWCyDNJkTiXOEXXVq1PKGg8hEIhag0SZbiKduPURABd6VAMjpDX8sxvUtD7VU%2BitNsqUug4253uY1cqk5lSyxydwFM8NDOLuq8Y38%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88b7ed413e0960f7-LHR
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame AE1E
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/chat/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
510904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuoWmPZa4L8L%2FZVmbCyIpTQzq7%2BY6DslP9EyAqkaVAbuz70G9U%2F0NFtkrHGukmkIgw9ga8ls4E2Ee%2FuO2ZbG4rXdIvmnGI6A%2F5iz96h5EfEaTpfVYSGJFFfVJ%2FRtrH9V2o5E0Jw%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88b7ed418b4f23c0-LHR
expires
Mon, 19 May 2025 16:40:32 GMT
support.png
roomcustomerbookdetails441020.com/img/ Frame AE1E
15 KB
16 KB
Image
General
Full URL
https://roomcustomerbookdetails441020.com/img/support.png
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/chat/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/chat/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6638c7e1-3d12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYvFhyw4eSFkzuWdYs5cGfCIlAjCpcr8ieoxHlpFhnW7iqzlCquNdLrzmQCdMlfVFDKraTwAoLxtI%2B%2BZlR1OGDzcPmZLiISAEMENiXz5cq9iG5I9z69bOkOg32v17eArn3WPYJBKwV0lv58S4e3hRU%2FgAeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88b7ed413e0b60f7-LHR
alt-svc
h3=":443"; ma=86400
content-length
15634
support-open.png
roomcustomerbookdetails441020.com/img/ Frame AE1E
21 KB
21 KB
Image
General
Full URL
https://roomcustomerbookdetails441020.com/img/support-open.png
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/chat/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/chat/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6638c7e1-5400"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZUQ4TTL392EaDhSgepdyBkbzFNDAQdUzLDS97XFN%2Fr5l0%2FtCdbuCEBAQRaNSK2uk1QsWcusafCollOuGT4MLv57qINoFonzS65tTFv4y8ZWTfSMgAg1OEVsK27nKI21JWL7YyM1ixwYp1CiDUYkEFvinYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88b7ed413e0c60f7-LHR
alt-svc
h3=":443"; ma=86400
content-length
21504
jquery.min.js
roomcustomerbookdetails441020.com/dist/new_card_design/ Frame AE1E
87 KB
32 KB
Script
General
Full URL
https://roomcustomerbookdetails441020.com/dist/new_card_design/jquery.min.js
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/chat/6wj1py17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/chat/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:06:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6638c7c7-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dEZjVxll2ZSdm%2F6nDsBjTTAtcJS68ASFdp7%2BrMINkgvJL7eaStS2C6R7B6jkNW8z%2BXLiCADFgn%2BxQe7M0%2Bpt4hm2WoyhgnDvzzJqz%2BlhGT7k39Z5t1NoF3toaFB2i6jRF3hbt4DcaglJniLpf3jciy212L0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88b7ed413e1060f7-LHR
alt-svc
h3=":443"; ma=86400
msg_check.php
roomcustomerbookdetails441020.com/ajax/ Frame AE1E
3 KB
1 KB
XHR
General
Full URL
https://roomcustomerbookdetails441020.com/ajax/msg_check.php
Requested by
Host: roomcustomerbookdetails441020.com
URL: https://roomcustomerbookdetails441020.com/dist/new_card_design/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba8fe5a8f66039f3e9bee802f353a51d142087c382323d6a4811fc089169e32

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://roomcustomerbookdetails441020.com/chat/6wj1py17
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oU0e56sYRt1lmg3l2LJnbYZKQBs3X31KiV59ifMDr6gYrjLJFiqyHvxcdTHc0fQBSdMMAUdEUwfrBx9Z2m5Xtt%2BF6oAoLT8MBy02vXOdw9d4KN3nw5XE0TEtYoBSz0OelwvY5hiOPE2C6uec6jQj1Kbl4Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
88b7ed423f6460f7-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
roomcustomerbookdetails441020.com/
177 KB
44 KB
Other
General
Full URL
https://roomcustomerbookdetails441020.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f125a6025a5caea38f91b98ffd8d560cdf532329f12e4fe143453161ce7dea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 06 May 2024 12:05:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2c208-617c7e173397d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRBabZR90pCohc7r2%2FAW%2FrOXqilwCHMGGUN4YiaSaSpi%2FNDKEBmQi4T4pUXUs%2B15uqFQG%2B4Pvvgb7W30TJCSJxqtAdlLq%2Fs8T9URUgIBaVDGfJTZyDO1TkUuTM9%2BjQa1Qa%2FeANtHUTavXRKMvbFkgRd00IE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
88b7ed423f6a60f7-LHR
alt-svc
h3=":443"; ma=86400
%7Bimage%7D
roomcustomerbookdetails441020.com/chat/ Frame AE1E
0
491 B
Image
General
Full URL
https://roomcustomerbookdetails441020.com/chat/%7Bimage%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://roomcustomerbookdetails441020.com/chat/6wj1py17
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 16:40:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUr7LGWnsZB0iYyQSUTod7WFPfiY9Rpal%2FGGAL9IAVsQu9RhhHlMdOu%2Fv7pSt1ZPjBO7dZKzFeh76rrx6Lrkx69BpgeLiBtjq9T8nlZgW1yfEHtjE1zEM%2ByVVLFwxfWzmyGeMOKN6vbevvKW%2FW0ASL7RMKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
88b7ed43890e60f7-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
number| get_status
function| onPage
function| scrollToErrorInput

1 Cookies

Domain/Path                         Name / Value
roomcustomerbookdetails441020.com/  Name: PHPSESSID, Value: gbtj5n1u589b7c9p3gp1ephh6a