premium-trial.info
20.114.132.86  Malicious Activity! Public Scan

URL: http://premium-trial.info/test/
Submission: On February 17 via manual from CA — Scanned from CA

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 14 HTTP transactions. The main IP is 20.114.132.86, located in Boydton, United States, and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is premium-trial.info.
This is the only time premium-trial.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 20.114.132.86 | 8075 | (MICROSOFT...)
10 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
1 | 199.232.36.193 | 54113 | (FASTLY)
2 | 2600:9000:25c... | 16509 | (AMAZON-02)
14 requests | 4 IPs
Requests | Apex Domain | Subdomains | Transfer
10 | wakkobot.ru | static.wakkobot.ru | 166 KB
2 | bstatic.com | cf.bstatic.com (Cisco Umbrella Rank: 12501) | 92 KB
1 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 6040) | 175 KB
1 | premium-trial.info | premium-trial.info | 138 KB
14 requests | 4 apex domains
Requests | Domain | Requested by
10 | static.wakkobot.ru | premium-trial.info
2 | cf.bstatic.com | static.wakkobot.ru
1 | i.imgur.com | premium-trial.info
1 | premium-trial.info | (primary request)
14 requests | 4 domains
Subject | Issuer | Validity | Valid
*.wakkobot.ru | GTS CA 1P5 | 2023-02-01 - 2023-05-02 | 3 months (crt.sh)
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year (crt.sh)
*.bstatic.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-10-21 - 2023-10-11 | a year (crt.sh)

This page contains 1 frame:

Primary Page: http://premium-trial.info/test/
Frame ID: 323066D88C0CE97F97E46AA01E0E3C09
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Booking.com | Official website | The best hotels and accommodation

Page Statistics

14 Requests
93 % HTTPS
50 % IPv6
4 Domains
4 Subdomains
4 IPs
1 Countries
571 kB Transfer
1335 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | premium-trial.info/test/ | 138 KB | 138 KB | Document
General
Full URL
http://premium-trial.info/test/
Protocol
HTTP/1.1
Server
20.114.132.86 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS
Software
Apache
Resource Hash
a4f8e837e0ff2e5285518ec597cb66dd4cd8bbec39bb6d7616a0f9d0b73369da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
141310
Content-Type
text/html
Date
Fri, 17 Feb 2023 21:03:06 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 16 Feb 2023 03:09:12 GMT
Server
Apache
common_functions.js | static.wakkobot.ru/common_js/ | 4 KB | 2 KB | Script
General
Full URL
https://static.wakkobot.ru/common_js/common_functions.js
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
23133a750c67b0f8c95f1a25b2762373fecacb4d4b03d32079bde9bd1de291f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 13:16:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6256
etag
W/"6331a629-11a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCu0abkYMRtnZV3fa8g2BxZ8Cc%2F10qm2LhgO7rrU5dsCwLfeOlJ6h94DZ3NLEqg5IW%2B1mtQVIYEPf3e6ODuIkSWuY7MEBfZgYvweSoU%2BTvJ%2FcPPSFhJL52EwmECzaKAhUi5Xx5FXIZroEW0GCPZBHR0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c4bf93c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service.js | static.wakkobot.ru/services/booking/js/ | 1 KB | 967 B | Script
General
Full URL
https://static.wakkobot.ru/services/booking/js/service.js
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
9b2a52ba139c48694dd88530d8ec703d55607e64a5c9d80879e9247cebfff665

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 25 Aug 2022 02:23:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6256
etag
W/"6306dd06-56f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgQlJ2u0NY88tGIVP8kAkMFGH87qrXPt3ysx5gnttEzj2cUK5RR70k8Yy2eMT5v8Uw%2FeyEe%2B9%2FIB39scan6S%2B%2B5cuRei%2FT5qx4Vl9Dw10yKra%2FmWNHyvvrhv73C2ynqeyyVUTGeGmrR%2FtWEyQ2rl3%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c4bf94c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.js | static.wakkobot.ru/common_js/ | 11 KB | 3 KB | Script
General
Full URL
https://static.wakkobot.ru/common_js/main.js
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
b30d2a8c1a91814227b08cb092d4835f7f77ce5ddc209320596f9ef42fa4fece

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 18 Oct 2022 13:26:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6256
etag
W/"634ea99a-2cab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsVlQUE%2Bw0krNcnX7Rf7v%2BUqXllPbCxExpmnNikXJNQbBpP7qahc%2F5vv7BQXpGEYNGOy2lBSGmHjRzKgh9mAMCg5lUxo%2FDzBUDGvca%2BhslXmJhcSwJDUaAh2DMCaFpXsyCG%2BH8ud0OeAFdGXK1V3JC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c50814c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
2315c86a444d12c84d6fe2eea34bcaa3fa2b083a.css | static.wakkobot.ru/services/booking/css/ | 295 KB | 46 KB | Stylesheet
General
Full URL
https://static.wakkobot.ru/services/booking/css/2315c86a444d12c84d6fe2eea34bcaa3fa2b083a.css
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
842973863534c5e2c65557842f3420376672ef37232ca7de1cda155c40b4d0a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6306d286-49d51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX0PXUmB3ra%2BsolBTOeP8ihH%2FBjUDug%2FsGu9NIZagzRquauD5%2BZXYNUCrgPouq41F8EidpS2BmrdnZSkcWsHQqxoOT6eGpizCr%2BSAjeX1qDJFoeyxX%2BFEOW2bWfPx6Y1D4YhU4QTOTJkvSvsUx%2FrPss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c4bf8cc33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
d1fc27f39f57cd85bda48bb5025b0d18910cc01a.css | static.wakkobot.ru/services/booking/css/ | 167 KB | 32 KB | Stylesheet
General
Full URL
https://static.wakkobot.ru/services/booking/css/d1fc27f39f57cd85bda48bb5025b0d18910cc01a.css
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
9f1628c18f46635164ac250a0f89b866f5e8836023c0c13e2a7021ba37b9d923

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6306d286-29aee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgCJGYUUK8vUAzlrPBHzY9mmnh1TvxrBUsnAT97QhBlnu4D6%2BSp1n3xODkAXC%2FrJ%2FIZYl%2FJYYf4GVwBVeBsWr31mghgDVGYV05kvtZsjk%2FX4NasGBK7GupkFnr7eQQt3rXf4CMU7SNxdnWly6V2N%2B20%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c4bf8dc33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
eb3bfeee971fb1edb265f76092220a62800f18e4.css | static.wakkobot.ru/services/booking/css/ | 444 KB | 76 KB | Stylesheet
General
Full URL
https://static.wakkobot.ru/services/booking/css/eb3bfeee971fb1edb265f76092220a62800f18e4.css
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
0c33e516583c54d9068eea79ed07d3bbee88c8ebc5c95c80862b0ef2db0f79c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6306d286-6ee9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjmg%2FUCa4j29AjTrqfgtY8Qxe0grgQHstLE7XgDwF9lV7q%2Ba27AlW70VcUJ6GpEVYReUipkuzCnbeE9ATJu4JWfH%2BN8d8%2F9rNSmb%2FfuNGxBJ4ou%2Fp1Rft1hwRxlb6COmEMOkfJJrgem5XeZhodxOQB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c4bf90c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
9de2fbd982434c00077a21f32f751e6bbbab0ab3.css | static.wakkobot.ru/services/booking/css/ | 6 KB | 2 KB | Stylesheet
General
Full URL
https://static.wakkobot.ru/services/booking/css/9de2fbd982434c00077a21f32f751e6bbbab0ab3.css
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
9eba450ed5d9abc0eac8abcb7751a1fe1dbae37e65966294175684bf1d0c2068

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6306d286-1972"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qGWdLYCvXCHmB4gzc%2B%2BIhWTYPYzZVLLSmNcs4xndiFkABZNCZLpBPIPJAouPzA1TesPOh7UtJZq1M%2BJ%2FyqrZrvX%2FAszxmJ5oepfGGF3xbHrtLKHWoEqT4jkfOzFrczipmyreM3l4GyimYjgAtziuL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
79b177c4bf92c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
22615963add19ac6b6d715a97c8d477e8b95b7ea.png | static.wakkobot.ru/services/booking/images/ | 2 KB | 2 KB | Image
General
Full URL
https://static.wakkobot.ru/services/booking/images/22615963add19ac6b6d715a97c8d477e8b95b7ea.png
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
a224634c470546276e7cac5917e6ad0e5f02d430903bfe192ddbf40eaee42f8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6306d286-80c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E5BLYLRnS7A3bJ0AzooPACMC4gAFjd6Q06mJFlb5OVBOQi7dE8oEF0LH4g8s3AgYzEq8lHJj3b7n%2B4vzeDfIxkBk2HY9dcOvz6pFsewFgPaDNHbiSqfdOmpFlSPa%2BNJsruhiX0K6nnewONj8y1TdXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=120
accept-ranges
bytes
cf-ray
79b177c50816c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2060
85e02501df1560d359a473f544224481a83c9aa7.png | static.wakkobot.ru/services/booking/images/ | 95 B | 422 B | Image
General
Full URL
https://static.wakkobot.ru/services/booking/images/85e02501df1560d359a473f544224481a83c9aa7.png
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6306d286-5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BiN8uwAnnnftK%2B8kBf6abl088C9W129B4UPrKaS4SjhohjWfjdmKFg1%2BNM7jMhuCx219aKCqPFuYEF81UhTAh4XXU5jU%2F1AjBvCV69PF%2BOAyCbNk1RD5i5HX7NJkv5um0AeyOmgvQyeZEX0aubCCrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=120
accept-ranges
bytes
cf-ray
79b177c50818c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95
r1yreg6.jpg | i.imgur.com/ | 174 KB | 175 KB | Image
General
Full URL
https://i.imgur.com/r1yreg6.jpg
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.193 New York, United States, ASN54113 (FASTLY, US)
Reverse DNS
Software
cat factory 1.0
Resource Hash
e793da0474289db99963ec05f2466d286f4c000e290217bd7c4ca6c2e80b8a25
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
192321
x-cache
HIT, HIT
content-length
178683
x-served-by
cache-iad-kiad7000045-IAD, cache-lga21939-LGA
last-modified
Thu, 09 Feb 2023 15:15:57 GMT
server
cat factory 1.0
x-timer
S1676667787.009724,VS0,VE2
etag
"4f8fab8470dfc6c215b7d71f0c88b17c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15, 1
a036b381ca37fbf991ea660e642ede29e32305d8.png | static.wakkobot.ru/services/booking/images/ | 383 B | 816 B | Image
General
Full URL
https://static.wakkobot.ru/services/booking/images/a036b381ca37fbf991ea660e642ede29e32305d8.png
Requested by
Host: premium-trial.info
URL: http://premium-trial.info/test/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd98, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
60edf0ae7588f3a5dd1eb80c9c82c0836c4f70cf81466897c7bc88ddcb67f518

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://premium-trial.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 21:03:07 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Aug 2022 01:38:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6306d286-17f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTqUSQ3DVWg3HxZYM4GjpjiZhQ3FfV6wMYABfu%2BkO0dX7XaZbZXFW28nwpP5%2FVhcbqA9l7JBMiv%2BMIVTpi6zEdCBQ9GvGhPOgzO9t8v78LsypJmiDQybGFr1Q37XGIwJIgV3r6wtnYhXKMb25QttEqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=120
accept-ranges
bytes
cf-ray
79b177c50819c33d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
383
224ab63b8018e821722b2d8eec90aeaa8be168c7.png | cf.bstatic.com/static/img/profile/default_avatar_24/ | 271 B | 846 B | Image
General
Full URL
https://cf.bstatic.com/static/img/profile/default_avatar_24/224ab63b8018e821722b2d8eec90aeaa8be168c7.png
Requested by
Host: static.wakkobot.ru
URL: https://static.wakkobot.ru/services/booking/css/d1fc27f39f57cd85bda48bb5025b0d18910cc01a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:9800:1f:e2ee:200:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
384f336f316c06b2de74e1b673d4b78e17e20343c782a760ad69f149d1ce1c52
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://static.wakkobot.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 18:00:51 GMT
via
1.1 52f91163dc9b412469bf709634e4afca.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
PHL51-P1
age
2170936
x-cache
Hit from cloudfront
content-length
271
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:55 GMT
server
nginx
etag
"5cadd1d3-10f"
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Az8gCxXyUciPG-ILA2hGLoN_NVwb7cnHBkD3FiwDFkc7QP5RlThmFA==
expires
Wed, 22 Feb 2023 18:00:51 GMT
29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2 | cf.bstatic.com/static/fonts/booking-iconset-original/ | 91 KB | 91 KB | Font
General
Full URL
https://cf.bstatic.com/static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2
Requested by
Host: static.wakkobot.ru
URL: https://static.wakkobot.ru/services/booking/css/d1fc27f39f57cd85bda48bb5025b0d18910cc01a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:9800:1f:e2ee:200:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
nginx
Resource Hash
a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.wakkobot.ru/
Origin
http://premium-trial.info
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 15:35:35 GMT
content-encoding
br
via
1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
nel
{"report_to":"default","max_age":600}
x-amz-cf-pop
PHL51-P1
age
970052
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2019 11:21:49 GMT
server
nginx
etag
W/"5cadd1cd-16a34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
aqpquFyusprH6RSu6dB5OfjrCUtqpoOj4m1JTKVMg2lBlId8oZXqXA==
expires
Wed, 08 Mar 2023 15:35:35 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
boolean | credentialless
object | oncontentvisibilityautostatechange
function | initSmartsupp
object | CommonFunctions
object | service
object | Utils
object | ModulesPool

0 Cookies