room-reserve.com
172.67.202.233  Malicious Activity! Public Scan

URL: https://room-reserve.com/hflxvodt
Submission: On January 06 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 172.67.202.233, located in United States and belongs to CLOUDFLARENET, US. The main domain is room-reserve.com.
TLS certificate: Issued by WE1 on January 5th 2025. Valid for: 3 months.
This is the only time room-reserve.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
17        172.67.202.233    13335 (CLOUDFLAR...)
1         2600:9000:266...  16509 (AMAZON-02)
1         104.17.25.14      13335 (CLOUDFLAR...)
Total: 19 requests, 3 IPs

Requests  Apex Domain       Subdomains                                       Transfer
17        room-reserve.com  room-reserve.com                                 263 KB
1         cloudflare.com    cdnjs.cloudflare.com (Cisco Umbrella Rank: 225)  6 KB
1         bstatic.com       cf.bstatic.com (Cisco Umbrella Rank: 20260)      171 KB
Total: 19 requests, 3 apex domains

Requests  Domain                Requested by
17        room-reserve.com      room-reserve.com
1         cdnjs.cloudflare.com  room-reserve.com
1         cf.bstatic.com        room-reserve.com
Total: 19 requests, 3 domains

This site contains no links.

Subject               Issuer                                      Validity                 Valid
room-reserve.com      WE1                                         2025-01-05 - 2025-04-05  3 months
*.bstatic.com         DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-11-21 - 2025-11-20  a year
cdnjs.cloudflare.com  WE1                                         2024-11-26 - 2025-02-24  3 months

This page contains 2 frames:

Primary Page: https://room-reserve.com/hflxvodt
Frame ID: D9A9C77F4A0C7808CD757D9C7A3AF262
Requests: 10 HTTP requests in this frame

Frame: https://room-reserve.com/chat/hflxvodt
Frame ID: 991DB13BA57C9C575A5EFD4735EAF9F2
Requests: 9 HTTP requests in this frame

Page Title

Booking.com | Official site | The best hotels & accommodation

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 440 kB
Size: 1003 kB
Cookies: 1

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request hflxvodt
room-reserve.com/
98 KB
18 KB
Document
General
Full URL
https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0b16be7dc2dc2790018b8d05eb2acfc846ecd0e629b46613e2329fdeb48740

styles-new4.css
room-reserve.com/css/booking1/
38 KB
9 KB
Stylesheet
General
Full URL
https://room-reserve.com/css/booking1/styles-new4.css
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c8299774f1e680f61a3345a08aab6b9ede719012d8edd177d4d7fcce99f215

chat.css
room-reserve.com/build/
3 KB
1 KB
Stylesheet
General
Full URL
https://room-reserve.com/build/chat.css
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8

submit-new8.js
room-reserve.com/css/booking1/
23 KB
5 KB
Script
General
Full URL
https://room-reserve.com/css/booking1/submit-new8.js
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3628a6ac8643b2dcfd0026dd68eea7a627efac6ad60df23f3c46afdd760350d

blur_input.js
room-reserve.com/css/booking1/
21 KB
5 KB
Script
General
Full URL
https://room-reserve.com/css/booking1/blur_input.js
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eaae12a5b85c3a24efd4d581e61ef3773befd9f64b1421c678038bf17c559ba

jquery.min.js
room-reserve.com/js/
87 KB
33 KB
Script
General
Full URL
https://room-reserve.com/js/jquery.min.js
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

295291566.jpg
cf.bstatic.com/xdata/images/hotel/max1024x768/
171 KB
171 KB
Image
General
Full URL
https://cf.bstatic.com/xdata/images/hotel/max1024x768/295291566.jpg?k=7f324b5bd136d4b6739563b68b99e6b3383e4d2b7817494a2bb149234bfd9b97&o=&hp=1
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:2a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ba7afd9c2dbfa99f57718d297d23112eef4ce2329db13f17a4b50da7f73b1267
Security Headers
Name Value
X-Xss-Protection 1; mode=block

hflxvodt
room-reserve.com/chat/ Frame 991D
30 KB
10 KB
Document
General
Full URL
https://room-reserve.com/chat/hflxvodt
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d260be803d8ba724de0d3bb4e656c933502e08007a38f3f9d1804e92e00ffb72

user_send_status.php
room-reserve.com/ajax/
0
712 B
XHR
General
Full URL
https://room-reserve.com/ajax/user_send_status.php
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/js/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

flags.png
room-reserve.com/css/booking1/img/
30 KB
31 KB
Image
General
Full URL
https://room-reserve.com/css/booking1/img/flags.png
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/css/booking1/styles-new4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4

chat.css
room-reserve.com/css/ Frame 991D
106 KB
18 KB
Stylesheet
General
Full URL
https://room-reserve.com/css/chat.css
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/chat/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3

font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 991D
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/chat/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

support.png
room-reserve.com/img/ Frame 991D
15 KB
16 KB
Image
General
Full URL
https://room-reserve.com/img/support.png
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/chat/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973

support-open.png
room-reserve.com/img/ Frame 991D
21 KB
22 KB
Image
General
Full URL
https://room-reserve.com/img/support-open.png
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/chat/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb

jquery.min.js
room-reserve.com/dist/new_card_design/ Frame 991D
87 KB
33 KB
Script
General
Full URL
https://room-reserve.com/dist/new_card_design/jquery.min.js
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/chat/hflxvodt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

msg_check.php
room-reserve.com/ajax/ Frame 991D
53 KB
3 KB
XHR
General
Full URL
https://room-reserve.com/ajax/msg_check.php
Requested by
Host: room-reserve.com
URL: https://room-reserve.com/dist/new_card_design/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98d930928db5c02d1304123fb1f783f631dde89e716983ffa0f62531c4645b2

favicon.ico
room-reserve.com/
177 KB
45 KB
Other
General
Full URL
https://room-reserve.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f125a6025a5caea38f91b98ffd8d560cdf532329f12e4fe143453161ce7dea

%7Bimage%7D
room-reserve.com/chat/ Frame 991D
0
710 B
Image
General
Full URL
https://room-reserve.com/chat/%7Bimage%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

chat.mp3
room-reserve.com/css/ Frame 991D
12 KB
13 KB
Media
General
Full URL
https://room-reserve.com/css/chat.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c56de2b13c86af5740564a85422cec47f56ea992e26374ebce0a024fc918e3a

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • function| $
  • function| jQuery
  • number| get_status
  • function| onPage
  • function| scrollToErrorInput

1 Cookies

Domain/Path Name / Value
room-reserve.com/ Name: PHPSESSID
Value: ho3knd58po8evavfh0nmoidqfi