URL: https://booking-info.cfd/
Submission: On December 22 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is booking-info.cfd.
TLS certificate: Issued by WE1 on December 22nd 2024. Valid for: 3 months.
This is the only time booking-info.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS     Autonomous System
3         188.114.97.3    13335  (CLOUDFLAR...)
1         104.131.67.145  14061  (DIGITALOC...)
5 3

Requests  Apex Domain        Subdomains                                           Transfer
3         booking-info.cfd   booking-info.cfd                                     8 KB
1         freebiesupply.com  cdn.freebiesupply.com (Cisco Umbrella Rank: 246777)  67 KB
0         gov.ru (Failed)    old.rkn.gov.ru (Failed)
5 3

Requests  Domain                   Requested by
3         booking-info.cfd         booking-info.cfd
1         cdn.freebiesupply.com    booking-info.cfd
0         old.rkn.gov.ru (Failed)  booking-info.cfd
5 3

This site contains no links.

Subject                Issuer  Validity                 Valid
booking-info.cfd       WE1     2024-12-22 - 2025-03-22  3 months
cdn.freebiesupply.com  R10     2024-11-17 - 2025-02-15  3 months

This page contains 1 frame:

Primary Page: https://booking-info.cfd/
Frame ID: 9A69CE1F719724A845B3B08236BD14CD
Requests: 5 HTTP requests in this frame

Page Title

Booking.com - Верификация (Russian: "Verification")

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 74 kB
Size: 83 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: Primary Request /  Path: booking-info.cfd/  Size: 4 KB  x-fer: 2 KB  Type: Document
General
Full URL
https://booking-info.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba1f2daf574bf71f2fa08d2a9c2bad1f3965b9dc9e90a191bc61b4355062cea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f5e6225bbbb6604-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 07:26:23 GMT
last-modified
Sun, 22 Dec 2024 07:04:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FNw7Nq89x6uFMI3MA1QiVYwhaCOQXRn8If2tgTTGdAalXs5nqnX5ffVAMH3ZqJXcTgwiYcDqqvCGbgogsVwJOm2dgTW85seqSkTFd6ZWcxgdHR%2BHyMF6nxmMZZPCK0%2BirVc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=12965&min_rtt=12483&rtt_var=2736&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4486&delivery_rate=702&cwnd=12000&unsent_bytes=0&cid=9f4b391472fb1320&ts=120&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Resource: styles.css  Path: booking-info.cfd/  Size: 7 KB  x-fer: 3 KB  Type: Stylesheet
General
Full URL
https://booking-info.cfd/styles.css
Requested by
Host: booking-info.cfd
URL: https://booking-info.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ea9747e094055ebba10dc3d3b3f924be2cc37bf2455f3ce8e74786af40e4e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://booking-info.cfd/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6767ba3a-1a55"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmGFSpYAltK6y7R6iwQcAWgVMjW%2B5yViZ3jDvMn3Cwd4ecWuNNinZzgQ0lFOeyIGm82PopSYrAJkVsYPvIykrs5%2BXFhhOL9BEhVCrBK8O35sHYOE9mvdPS1kqMwwX9HQQghz"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5e62267c406604-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13023&min_rtt=12483&rtt_var=1767&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6612&recv_bytes=5129&delivery_rate=189169&cwnd=12000&unsent_bytes=0&cid=9f4b391472fb1320&ts=235&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 07:26:23 GMT
content-type
text/css
last-modified
Sun, 22 Dec 2024 07:05:30 GMT
vary
Accept-Encoding
priority
u=0,i=?0

Resource: bookingcom-logo-png-transparent.png  Path: cdn.freebiesupply.com/logos/large/2x/  Size: 66 KB  x-fer: 67 KB  Type: Image
General
Full URL
https://cdn.freebiesupply.com/logos/large/2x/bookingcom-logo-png-transparent.png
Requested by
Host: booking-info.cfd
URL: https://booking-info.cfd/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.131.67.145 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8c02efdc4e35d225d3b599676be554c0977e37390a8bd338740d5507435294b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://booking-info.cfd/

Response headers

X-Cache-Status
HIT
Cache-Control
max-age=15552000, public, no-transform
ETag
"1f499d6fd88885202b6f851b01ef17bc"
Connection
keep-alive
x-amz-request-id
47P772CZS4V0BAM8
Expires
Fri, 20 Jun 2025 07:26:24 GMT
Accept-Ranges
bytes
Content-Length
67634
Date
Sun, 22 Dec 2024 07:26:24 GMT
Content-Type
image/png
Last-Modified
Fri, 09 Mar 2018 13:57:17 GMT
Server
nginx
x-amz-id-2
bdA5qu3PEAFlxVF4cc/TDA6jigshSxh4Oo/mPDlq3Ijg2Z/+Jau4aBNrDLQbMLfG8QFy8UvYAyo=

Resource: image51608.jpg  Path: old.rkn.gov.ru/images/news/  Size: 0  x-fer: 0

Resource: script.js  Path: booking-info.cfd/  Size: 6 KB  x-fer: 3 KB  Type: Script
General
Full URL
https://booking-info.cfd/script.js
Requested by
Host: booking-info.cfd
URL: https://booking-info.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fa501f87b0ccfb0c8d35e679398bb19c2ebbca3d48c04618bc02fda1e95a7ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://booking-info.cfd/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"6767ba22-1719"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22PQOXMONqjg1dFq%2FEk%2F9b5JSP9YejUsM69oiHwLgCVdhXfiG%2Bgm4r1Cpy8H4DBcfqoP3Hu9YKzy43cOflchPf4UXWg6dxSDAL2FOtdBd%2FCzfUqdblVLkdsqmho8jdcPc4JT"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5e62269c496604-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13003&min_rtt=12483&rtt_var=1134&sent=19&recv=15&lost=0&retrans=0&sent_bytes=9329&recv_bytes=5216&delivery_rate=25267&cwnd=12000&unsent_bytes=0&cid=9f4b391472fb1320&ts=284&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 07:26:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sun, 22 Dec 2024 07:05:06 GMT
vary
Accept-Encoding
priority
u=2,i=?0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
old.rkn.gov.ru
URL
https://old.rkn.gov.ru/images/news/image51608.jpg

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | fetchChannelInfo
function | showPrompts
function | submitForm
function | generateVerificationId

0 Cookies