URL: https://booking.extranet-2965722426.net/sign-in/other-options
Submission Tags: @ecarlesi possiblethreat phishing booking Search All
Submission: On February 25 via api from IT — Scanned from IT

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 31.41.44.158, located in Russian Federation and belongs to ASRELINK, RU. The main domain is booking.extranet-2965722426.net.
TLS certificate: Issued by R3 on February 25th 2024. Valid for: 3 months.
This is the only time booking.extranet-2965722426.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 31.41.44.158 56577 (ASRELINK)
10 1
Apex Domain
Subdomains
Transfer
10 extranet-2965722426.net
booking.extranet-2965722426.net
218 KB
10 1
Domain Requested by
10 booking.extranet-2965722426.net booking.extranet-2965722426.net
10 1

This site contains links to these domains. Also see Links.

Domain
account.booking.com
secure.booking.com
partner.booking.com
Subject Issuer Validity Valid
booking.extranet-2965722426.net
R3
2024-02-25 -
2024-05-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking.extranet-2965722426.net/sign-in/other-options
Frame ID: 61E588490DF74BA224409135E8A7CD9E
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Booking.com

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

218 kB
Transfer

1814 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request other-options
booking.extranet-2965722426.net/sign-in/
222 KB
23 KB
Document
General
Full URL
https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Feb 2024 16:13:52 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
45_1975cbc2f7eaad75f590.css
booking.extranet-2965722426.net/sign-in/index_files/
222 KB
23 KB
Stylesheet
General
Full URL
https://booking.extranet-2965722426.net/sign-in/index_files/45_1975cbc2f7eaad75f590.css
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
336_afde72b9aaa8302ff017.css
booking.extranet-2965722426.net/sign-in/index_files/
222 KB
23 KB
Stylesheet
General
Full URL
https://booking.extranet-2965722426.net/sign-in/index_files/336_afde72b9aaa8302ff017.css
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
826_0d1737e180931a217647.css
booking.extranet-2965722426.net/sign-in/index_files/
222 KB
23 KB
Stylesheet
General
Full URL
https://booking.extranet-2965722426.net/sign-in/index_files/826_0d1737e180931a217647.css
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
style.css
booking.extranet-2965722426.net/sign-in/index_files/
222 KB
23 KB
Stylesheet
General
Full URL
https://booking.extranet-2965722426.net/sign-in/index_files/style.css
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
etnht.gif
booking.extranet-2965722426.net/sign-in/index_files/
17 KB
17 KB
Image
General
Full URL
https://booking.extranet-2965722426.net/sign-in/index_files/etnht.gif
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
main.js
booking.extranet-2965722426.net/sign-in/js/
222 KB
23 KB
Script
General
Full URL
https://booking.extranet-2965722426.net/sign-in/js/main.js
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:52 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
libs.min.js
booking.extranet-2965722426.net/sign-in/js/
222 KB
23 KB
Script
General
Full URL
https://booking.extranet-2965722426.net/sign-in/js/libs.min.js
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
common.js
booking.extranet-2965722426.net/sign-in/js/
222 KB
23 KB
Script
General
Full URL
https://booking.extranet-2965722426.net/sign-in/js/common.js
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
us.png
booking.extranet-2965722426.net/sign-in/index_files/
17 KB
17 KB
Image
General
Full URL
https://booking.extranet-2965722426.net/sign-in/index_files/us.png
Requested by
Host: booking.extranet-2965722426.net
URL: https://booking.extranet-2965722426.net/sign-in/other-options
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
31.41.44.158 , Russian Federation, ASN56577 (ASRELINK, RU),
Reverse DNS
gurlenkqqi.example.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking.extranet-2965722426.net/sign-in/other-options
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Feb 2024 16:13:53 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| pulseverifElement object| callverifElement object| smsverifElement

1 Cookies

Domain/Path Name / Value
booking.extranet-2965722426.net/ Name: PHPSESSID
Value: 79jsfda9v0a47ffapid45ri60t

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

booking.extranet-2965722426.net
31.41.44.158
c06666e1e99816e1e9bb8c9579f60bd52d3c5c94f434faa42bb2118b9b78cd69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855