URL: https://primehotelbooking.com/images_02/icon-slide-plus.html
Submission Tags: @ecarlesi threat phishing
Submission: On December 10 via api from IT — Scanned from IT

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 172.67.208.18, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is primehotelbooking.com.
TLS certificate: Issued by WE1 on December 9th 2024. Valid for: 3 months.
This is the only time primehotelbooking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 172.67.208.18 13335 (CLOUDFLAR...)
3 1
Apex Domain Subdomains Transfer
4 primehotelbooking.com primehotelbooking.com 8 KB
3 1
Domain Requested by
4 primehotelbooking.com 1 redirects primehotelbooking.com
3 1

This site contains no links.

Subject Issuer Validity Valid
primehotelbooking.com WE1 2024-12-09 - 2025-03-09 3 months crt.sh

This page contains 2 frames:

Primary Page: https://primehotelbooking.com/images_02/icon-slide-plus.html
Frame ID: FD4D9F41A6BC7B0BD43DB0B621CB5956
Requests: 1 HTTP requests in this frame

Frame: https://primehotelbooking.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: B7E05ED2663C33EABD52418E74C21DDB
Requests: 2 HTTP requests in this frame

Page Title

404 Not Found

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 7 kB
Size: 11 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://primehotelbooking.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://primehotelbooking.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Primary Request icon-slide-plus.html
Path: primehotelbooking.com/images_02/
Size: 2 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://primehotelbooking.com/images_02/icon-slide-plus.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.208.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: b949e531d4ee2045ba26ade2d29d5d84281518e385e98d743cd1f4f0379b1dba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8efa774b5b31db10-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 10 Dec 2024 04:24:34 GMT
last-modified: Mon, 04 Nov 2024 10:31:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qp0xPITf3zYZhTq2XeUIJKCWlrhnp%2Bjhc9esCNensLJCaE%2BYt8IYQrLHuvdIllzI4BR1zAXp10kkFNf9A%2B2csljkNhhgqNvXwoHWK%2F7z5KkGh%2Fe%2BFIXh9tL4uHNMxsGc8Gu7CrFN1hc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=10320&min_rtt=10279&rtt_var=2962&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2350&delivery_rate=363465&cwnd=253&unsent_bytes=0&cid=5854168e7310e064&ts=773&x=0"
vary: Accept-Encoding

main.js
Path: primehotelbooking.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame B7E0
Redirect Chain
  • https://primehotelbooking.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://primehotelbooking.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Size: 9 KB
x-fer: 5 KB
Type: Script

General
Full URL: https://primehotelbooking.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol: H2
Server: 172.67.208.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 0f2aea00ec8b6f122724aad090a77625fd3be0c7c12b5165e80c0da3a8c93040

Security Headers
X-Content-Type-Options: nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer:

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ko%2F%2F%2FnUcrL3mMuozzk9e178JAx6cLhKcYBZHVHjQsnBSjabC2ipzqWfVcVW0JEnMSWZtkcjOLm%2F965rPyZ5%2Ft6UzlcsK6yMMAj3Dx0G%2FS15%2F023SOesHcPasVUXJs1TyJ0U7ELjros%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8efa77509a17db10-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=14510&min_rtt=10272&rtt_var=9630&sent=13&recv=12&lost=0&retrans=0&sent_bytes=6481&recv_bytes=2554&delivery_rate=493155&cwnd=257&unsent_bytes=0&cid=5854168e7310e064&ts=930&x=0"
date: Tue, 10 Dec 2024 04:24:34 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU%2B5gAP4ej4qDm%2BToPx%2FhrpQazYe0uLFJtvPW4DVMPNARXCD0vbXaUn3CzIRWZ7UvROvn65t%2BvYQbspuUXYYxjpknNYe%2FN58CQkQCt4PStK7SEx9dC4p4SjxaaRPphsWVGqBVMP%2Bpks%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8efa775059cedb10-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=TCP&rtt=10327&min_rtt=10272&rtt_var=1686&sent=12&recv=11&lost=0&retrans=0&sent_bytes=5939&recv_bytes=2459&delivery_rate=493155&cwnd=257&unsent_bytes=0&cid=5854168e7310e064&ts=879&x=0"
date: Tue, 10 Dec 2024 04:24:34 GMT
vary: Accept-Encoding
server: cloudflare

8efa774b5b31db10
Path: primehotelbooking.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B7E0
Size: 0
x-fer: 998 B
Type: XHR

General
Full URL: https://primehotelbooking.com/cdn-cgi/challenge-platform/h/g/jsd/r/8efa774b5b31db10
Requested by
Host: primehotelbooking.com
URL: https://primehotelbooking.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.208.18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer:

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0evaKkgf5Ry5QUFWSSB1RJGVn381pCJtqkGwyR%2Fs9PB4MEARljm9SQSur6MXaVJqCHZtdNzJynkVTV6wdejXxEvvn%2BGFlkaKrWH1osHj2VHbIh0qq5Dvdzgp6rrzc01y4SgMnsD%2F4pQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8efa77514ae6db10-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18991&min_rtt=10210&rtt_var=16258&sent=26&recv=29&lost=0&retrans=0&sent_bytes=11335&recv_bytes=19036&delivery_rate=741223&cwnd=257&unsent_bytes=0&cid=5854168e7310e064&ts=1085&x=0"
content-length: 0
date: Tue, 10 Dec 2024 04:24:34 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.primehotelbooking.com/ Name: cf_clearance
Value: 7ASl1zL6I.3AN7n7m2AqQUqbp44dbYdX2eeO8T2tfaY-1733804674-1.2.1.1-Ve6eLnRcoXw5eaXMdrCYVqg9PEyqligFibXpJXs5ztUrH3EgRImBcsXkbIDqeoTnFmJOcMt7DZQQiEbTJAYLm36OnD_Tp0OQKh5VmxrTVGwl6hdjyAbAGfKnEpn_1tDb.FYkvQyhFrS272sNgbGNtGflLMKU4s2bd1xVctFVjjuXeycl5wL5V583wwxXc4Fmh7z_ToKhHSocKoPG1qWq8rY1KfVRihNtVlFBe8jqFKKcqRTRlFbezZDn0CYf0r8CML3qYrdHEViQiO8sUumxisYfJzSuq2XKQHufg_BBap63t3iDOpXHgqe2m0vbfB1uKUHpfsqUOlo5Kpr_27rLxe3_D5YhzYvTLpGBAylbDho_1k2VVk71RF_Q5984lKnb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
