urlscan.io logo urlscan.io
SecurityTrails logo

booking-app.nauht.fun Open in urlscan Pro
104.21.95.215  Public Scan

Go To Rescan Add Verdict Report
URL: https://booking-app.nauht.fun/
Submission Tags: @ecarlesi possiblethreat phishing booking Search All
Submission: On December 13 via api from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 104.21.95.215, located in and belongs to CLOUDFLARENET, US. The main domain is booking-app.nauht.fun.
TLS certificate: Issued by E1 on November 10th 2023. Valid for: 3 months.
This is the only time booking-app.nauht.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 104.21.95.215 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains		 Transfer
3 nauht.fun
booking-app.nauht.fun
99 KB
3 1
Domain Requested by
3 booking-app.nauht.fun booking-app.nauht.fun
3 1

This site contains no links.

Subject Issuer Validity Valid
nauht.fun
E1		 2023-11-10 -
2024-02-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://booking-app.nauht.fun/
Frame ID: C165BC86810DA4693A33A83219DA5BF2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Booking.com | Official site | The best hotels, flights, car rentals & accommodations

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

99 kB
Transfer

360 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
booking-app.nauht.fun/ 		726 B
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://booking-app.nauht.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0165b52ce086d63e716a37e89bf212f5d5ecae34b6ea9e41a026105456fd86a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
834af1ee7c6618a0-MRS
content-encoding
br
content-type
text/html
date
Wed, 13 Dec 2023 02:58:23 GMT
last-modified
Thu, 16 Jun 2022 07:58:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP%2BNZZg5J3IL3jvJYT0Y%2FqZt5ioF5E3miegCha48TIOaHhomEdNzt%2BMsnuna2SR45AA8FiJL8uffLYBwDoRyqw7OCF%2B1qdCpck3bwggWfI2dZVKkDhpTa4ySdryTIB9%2FKLBp0sTA3TU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
main.9eb8736f.js
booking-app.nauht.fun/static/js/ 		347 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking-app.nauht.fun/static/js/main.9eb8736f.js
Requested by
Host: booking-app.nauht.fun
URL: https://booking-app.nauht.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d6ea88ce3af58d528ef259417be749cd36883d6b3d41878c73d5eee9e3367f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking-app.nauht.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 02:58:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 16 Jun 2022 07:58:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"62aae29f-56b9c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxU%2BF%2BNhK%2Bb%2FI%2BaqnOaMR%2FmoA1Vt9Gd6kFQtDMHDsa%2FuT2Ys8uSjC1CcnO0JQWqfDruS3FwPV%2F0WJcTrIzC3gvdphHaxbbQSKcYRV4VfFZ9RhHvPNQxQi6U%2BjZku2kltbAns85kIxyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
834af1f29f9a18a0-MRS
alt-svc
h3=":443"; ma=86400
main.44d9a8b6.css
booking-app.nauht.fun/static/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://booking-app.nauht.fun/static/css/main.44d9a8b6.css
Requested by
Host: booking-app.nauht.fun
URL: https://booking-app.nauht.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.95.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94ace48f46ddde5c6d8cd7663d3daf1b6dc3d818af92ba09dc6b5f7c34fcd46a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://booking-app.nauht.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 02:58:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 16 Jun 2022 07:58:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
etag
W/"62aae29f-2e30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktQRrkNIEo7ntFoTongFkWz0VCe28KNVCbuOmu308U%2Bc%2BOAasZXEUGFde7hpt5gSY1hyO2fHEqdiWyV8wT9xWLrLT8mfafA9F5wCje5RXsZStFLm5aCXZHE9we9g%2B04izqdieBNTikg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
834af1f29f9818a0-MRS
alt-svc
h3=":443"; ma=86400
truncated
/ 		872 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ca83fa1186c48a91d498dd7bf86830fead89486c0df6cf0fe72339b00555a8a

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkreactjs_app_booking object| FontAwesomeConfig object| ___FONT_AWESOME___

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff