clz.booking-521.com Open in urlscan Pro
123.253.26.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://clz.booking-521.com/start.php
Submission Tags: @ecarlesi possiblethreat phishing booking Search All
Submission: On April 01 via api (April 1st 2024, 9:47:38 am UTC) from IT — Scanned from IT

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 123.253.26.178, located in Hong Kong and belongs to NETSEC-HK Netsec Limited, HK. The main domain is clz.booking-521.com.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.

This is the only time clz.booking-521.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	123.253.26.178 123.253.26.178	45753 (NETSEC-HK...) (NETSEC-HK Netsec Limited)
4 8	42.193.55.218 42.193.55.218	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
17	2

13 123.253.26.178 (Hong Kong)

ASN45753 (NETSEC-HK Netsec Limited, HK)

clz.booking-521.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 42.193.55.218 (China) 4 redirects

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

ui.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	booking-521.com clz.booking-521.com	253 KB
8	ui.gg 4 redirects ui.gg	1 MB
17	2

	Domain	Requested by
13	clz.booking-521.com	clz.booking-521.com
8	ui.gg	4 redirects clz.booking-521.com
17	2

This site contains no links.

Subject Issuer	Validity	Valid
www.booking-521.com R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://clz.booking-521.com/start.php
Frame ID: F4F00EDCE1C938A1B742E0D0E9312280
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booking.com & Airbnb

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

76 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1418 kB
Transfer

1710 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://ui.gg/lib/images/img?=93 HTTP 301
https://ui.gg/lib/images/img/?=93

Request Chain 12

https://ui.gg/lib/images/img?=81 HTTP 301
https://ui.gg/lib/images/img/?=81

Request Chain 13

https://ui.gg/lib/images/img?=5 HTTP 301
https://ui.gg/lib/images/img/?=5

Request Chain 14

https://ui.gg/lib/images/bg?=23 HTTP 301
https://ui.gg/lib/images/bg/?=23

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request start.php Show response
clz.booking-521.com/ 3 KB
1 KB 761ms
239ms Document
text/html 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b3a36204f03c2a52ed32c20fa401c04f2a40488533c11fc591b868b1eb6082aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: it-IT,it;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 01 Apr 2024 09:47:30 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 swiper-bundle.min.css
clz.booking-521.com/styles/ 18 KB
5 KB 241ms
239ms Stylesheet
text/css 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/styles/swiper-bundle.min.css

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

72205c164566dd51031ec220319d306bd4606c71182d485e3c5f16a58b09b53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 13:42:56 GMT
server: nginx
etag: W/"65410460-4803"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 uigg.css
clz.booking-521.com/styles/ 57 KB
14 KB 462ms
460ms Stylesheet
text/css 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/styles/uigg.css

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

176c9255f7a8c41c69a8435445a82c9a9ce1be3cff94047c8317922adf847338

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 17 Nov 2023 08:29:22 GMT
server: nginx
etag: W/"65572462-e382"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 styles.css
clz.booking-521.com/styles/ 8 KB
3 KB 463ms
461ms Stylesheet
text/css 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/styles/styles.css

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5d25f5495e9c649e2930a7bf17a9619409eefd343d483ceb4dda26d8aa2c3d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 27 Nov 2023 06:06:18 GMT
server: nginx
etag: W/"656431da-20be"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 jquery.min.js Show response
clz.booking-521.com/js/ 85 KB
34 KB 812ms
810ms Script
application/javascript 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/js/jquery.min.js

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Sep 2023 08:24:02 GMT
server: nginx
etag: W/"64f6e5a2-155ed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 swiper-bundle.min.js Show response
clz.booking-521.com/js/ 145 KB
47 KB 813ms
811ms Script
application/javascript 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/js/swiper-bundle.min.js

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

fdbb17d7117737eacfc3f1ae776596878488229b2e7fc16268e2437b22205935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 13:42:46 GMT
server: nginx
etag: W/"65410456-242bf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 uigg.js Show response
clz.booking-521.com/js/ 30 KB
8 KB 813ms
812ms Script
application/javascript 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/js/uigg.js

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

2a0d5ae5e6fa1a44f1098ad21ca8ff7d9c7dd6676dbeceaa43cd4921c51f3b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 22 Sep 2023 06:52:50 GMT
server: nginx
etag: W/"650d39c2-7682"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 main.js Show response
clz.booking-521.com/js/ 476 B
689 B 813ms
812ms Script
application/javascript 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/js/main.js

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

ac9e008eb10ab850d5625ccb1fee8222cd9097c007b0305a82ccf4f41d75652b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:30 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Nov 2023 06:10:12 GMT
server: nginx
etag: "655eecc4-1dc"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 476
expires: Mon, 01 Apr 2024 21:47:30 GMT

GET
H2 200 ico.css
clz.booking-521.com/styles/ico/ 75 KB
14 KB 451ms
451ms Stylesheet
text/css 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/styles/ico/ico.css

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/styles/uigg.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

15d6303761d28f934e3944f8652a333f87e2b378bdef397e0187d5959f2a9582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/styles/uigg.css
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 21 Jun 2023 05:30:08 GMT
server: nginx
etag: W/"64928ae0-12c0d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 01 Apr 2024 21:47:31 GMT

GET
H2 200 head.jpg
clz.booking-521.com/images/ 15 KB
15 KB 241ms
239ms Image
image/jpeg 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clz.booking-521.com/images/head.jpg

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a8ab36c7eef3cbb63875167ea37225756bd9b016a7b836a2dedb037d8c9d2d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/styles/styles.css
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:31 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Nov 2023 09:12:36 GMT
server: nginx
etag: "655f1784-3b02"
content-type: image/jpeg
accept-ranges: bytes
content-length: 15106

GET
H2 200 1.svg
clz.booking-521.com/images/level/ 1 KB
1 KB 241ms
240ms Image
image/svg+xml 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clz.booking-521.com/images/level/1.svg

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/styles/styles.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

baecd9ca21a7fb341f73a863c117bcf31bdc5ed59457bee2d35c5d157eaf421f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/styles/styles.css
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20 Nov 2023 08:01:44 GMT
server: nginx
etag: "655b1268-4f9"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1273

GET
H2 200 ico.woff2
clz.booking-521.com/styles/ico/ 109 KB
109 KB 249ms
248ms Font
font/woff2 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/styles/ico/ico.woff2

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/styles/ico/ico.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a3d104734adf4a6fa256ac3bb4c0d9039a872d545ffc6612114bb5c3675f7c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/styles/ico/ico.css
Origin: https://clz.booking-521.com
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:31 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Jun 2023 05:28:44 GMT
server: nginx
etag: "64928a8c-1b360"
content-type: font/woff2
accept-ranges: bytes
content-length: 111456

GET
H2

200

/
ui.gg/lib/images/img/
Redirect Chain

https://ui.gg/lib/images/img?=93
https://ui.gg/lib/images/img/?=93

138 KB
139 KB

873ms
873ms

Image
image/jpeg

42.193.55.218
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ui.gg/lib/images/img/?=93

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Server

42.193.55.218 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

3ae3199d21f0433396121dc0e159532c3c7741af745e83149b12af924299e2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://clz.booking-521.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 09:47:33 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/jpeg

Redirect headers

location: https://ui.gg/lib/images/img/?=93
date: Mon, 01 Apr 2024 09:47:32 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

/
ui.gg/lib/images/img/
Redirect Chain

https://ui.gg/lib/images/img?=81
https://ui.gg/lib/images/img/?=81

115 KB
115 KB

318ms
318ms

Image
image/jpeg

42.193.55.218
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ui.gg/lib/images/img/?=81

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Server

42.193.55.218 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

44586f49758dc80f8769c4dee49940ace246549558ad61fe7e6cb67801dea767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://clz.booking-521.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 09:47:33 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/jpeg

Redirect headers

location: https://ui.gg/lib/images/img/?=81
date: Mon, 01 Apr 2024 09:47:32 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

/
ui.gg/lib/images/img/
Redirect Chain

https://ui.gg/lib/images/img?=5
https://ui.gg/lib/images/img/?=5

172 KB
172 KB

873ms
873ms

Image
image/jpeg

42.193.55.218
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ui.gg/lib/images/img/?=5

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Server

42.193.55.218 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

59e56c8b0503f73ecaebbb912d5d69b5ed80c808768ced643df4b90c0cfb5766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://clz.booking-521.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 09:47:33 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/jpeg

Redirect headers

location: https://ui.gg/lib/images/img/?=5
date: Mon, 01 Apr 2024 09:47:32 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

/
ui.gg/lib/images/bg/
Redirect Chain

https://ui.gg/lib/images/bg?=23
https://ui.gg/lib/images/bg/?=23

738 KB
739 KB

873ms
873ms

Image
image/jpeg

42.193.55.218
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ui.gg/lib/images/bg/?=23

Requested by

Host: clz.booking-521.com
URL: https://clz.booking-521.com/start.php

Protocol

Server

42.193.55.218 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

nginx /

Resource Hash

24655371d798d374124c5eeb75b66d98ac80339252af702ae561a5d72cbce917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://clz.booking-521.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 09:47:33 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/jpeg

Redirect headers

location: https://ui.gg/lib/images/bg/?=23
date: Mon, 01 Apr 2024 09:47:32 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 ico.svg
clz.booking-521.com/images/ 879 B
1 KB 238ms
238ms Other
image/svg+xml 123.253.26.178
NETSEC-HK Netsec ...

General

Check archive.org

Show headers Download Go to

Full URL

https://clz.booking-521.com/images/ico.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

123.253.26.178 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

8609299979500cc9d34cecf82fa3525b8d379d26ebfd2c28a2d17de87a85de83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://clz.booking-521.com/start.php
accept-language: it-IT,it;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 09:47:35 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 Nov 2023 05:11:30 GMT
server: nginx
etag: "655edf02-36f"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 879

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clz.booking-521.com
ui.gg
123.253.26.178
42.193.55.218
15d6303761d28f934e3944f8652a333f87e2b378bdef397e0187d5959f2a9582
176c9255f7a8c41c69a8435445a82c9a9ce1be3cff94047c8317922adf847338
24655371d798d374124c5eeb75b66d98ac80339252af702ae561a5d72cbce917
2a0d5ae5e6fa1a44f1098ad21ca8ff7d9c7dd6676dbeceaa43cd4921c51f3b77
3ae3199d21f0433396121dc0e159532c3c7741af745e83149b12af924299e2ed
44586f49758dc80f8769c4dee49940ace246549558ad61fe7e6cb67801dea767
59e56c8b0503f73ecaebbb912d5d69b5ed80c808768ced643df4b90c0cfb5766
5d25f5495e9c649e2930a7bf17a9619409eefd343d483ceb4dda26d8aa2c3d66
72205c164566dd51031ec220319d306bd4606c71182d485e3c5f16a58b09b53d
8609299979500cc9d34cecf82fa3525b8d379d26ebfd2c28a2d17de87a85de83
a3d104734adf4a6fa256ac3bb4c0d9039a872d545ffc6612114bb5c3675f7c5f
a8ab36c7eef3cbb63875167ea37225756bd9b016a7b836a2dedb037d8c9d2d79
ac9e008eb10ab850d5625ccb1fee8222cd9097c007b0305a82ccf4f41d75652b
b3a36204f03c2a52ed32c20fa401c04f2a40488533c11fc591b868b1eb6082aa
baecd9ca21a7fb341f73a863c117bcf31bdc5ed59457bee2d35c5d157eaf421f
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fdbb17d7117737eacfc3f1ae776596878488229b2e7fc16268e2437b22205935

clz.booking-521.com Open in urlscan Pro 123.253.26.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

76 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1418 kBTransfer

1710 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

clz.booking-521.com Open in urlscan Pro
123.253.26.178 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1418 kB
Transfer

1710 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions