account.booking.cn
Open in
urlscan Pro
203.107.55.174
Malicious Activity!
Public Scan
Effective URL: https://account.booking.cn/
Submission: On April 15 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 23rd 2024. Valid for: a year.
This is the only time account.booking.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Booking (Travel)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 203.107.55.174 203.107.55.174 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
2 | 18.245.60.2 18.245.60.2 | 16509 (AMAZON-02) (AMAZON-02) | |
18 | 2600:9000:225... 2600:9000:2251:6800:5:bf05:acc0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
7 | 2606:4700::68... 2606:4700::6813:b234 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 99.86.4.128 99.86.4.128 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2001:4860:480... 2001:4860:4802:36::178 | 15169 (GOOGLE) (GOOGLE) | |
3 | 52.222.236.42 52.222.236.42 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.245.60.7 18.245.60.7 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 18.245.31.103 18.245.31.103 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 18.66.122.49 18.66.122.49 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2600:9000:225... 2600:9000:2251:ac00:5:bf05:acc0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 35.190.10.96 35.190.10.96 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:440... 2606:4700:4400::ac40:9b77 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
46 | 13 |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
account.booking.cn |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-2.fra60.r.cloudfront.net
www.booking.com |
ASN16509 (AMAZON-02, US)
cf.bstatic.com | |
www.bstatic.com | |
q-xx.bstatic.com | |
xx.bstatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
account.booking.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-42.fra56.r.cloudfront.net
nellie.booking.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-7.fra60.r.cloudfront.net
www.booking.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-103.fra56.r.cloudfront.net
d8c14d4960ca.edge.sdk.awswaf.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-49.fra60.r.cloudfront.net
d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com |
ASN15169 (GOOGLE, US)
PTR: 96.10.190.35.bc.googleusercontent.com
collector-pxikkul2rm.px-cloud.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
bstatic.com
cf.bstatic.com — Cisco Umbrella Rank: 15234 www.bstatic.com — Cisco Umbrella Rank: 101003 q-xx.bstatic.com — Cisco Umbrella Rank: 15833 r.bstatic.com — Cisco Umbrella Rank: 106230 xx.bstatic.com — Cisco Umbrella Rank: 22092 |
2 MB |
7 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 309 |
132 KB |
7 |
booking.com
www.booking.com — Cisco Umbrella Rank: 9698 account.booking.com — Cisco Umbrella Rank: 15721 nellie.booking.com — Cisco Umbrella Rank: 18167 |
4 KB |
5 |
awswaf.com
1 redirects
d8c14d4960ca.edge.sdk.awswaf.com — Cisco Umbrella Rank: 25589 d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com — Cisco Umbrella Rank: 74014 |
1 MB |
3 |
booking.cn
account.booking.cn |
72 KB |
2 |
px-cloud.net
collector-pxikkul2rm.px-cloud.net — Cisco Umbrella Rank: 56089 |
1 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33 |
21 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 543 |
425 B |
46 | 8 |
Domain | Requested by | |
---|---|---|
14 | cf.bstatic.com |
account.booking.cn
|
7 | cdn.cookielaw.org |
account.booking.cn
www.bstatic.com cdn.cookielaw.org |
4 | d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com |
account.booking.cn
d8c14d4960ca.edge.sdk.awswaf.com |
3 | nellie.booking.com |
cf.bstatic.com
d8c14d4960ca.edge.sdk.awswaf.com |
3 | www.booking.com |
account.booking.cn
cf.bstatic.com www.bstatic.com |
3 | account.booking.cn |
cf.bstatic.com
account.booking.cn |
2 | collector-pxikkul2rm.px-cloud.net |
r.bstatic.com
|
2 | xx.bstatic.com | |
2 | www.google-analytics.com |
account.booking.cn
www.google-analytics.com |
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | r.bstatic.com |
account.booking.cn
|
1 | d8c14d4960ca.edge.sdk.awswaf.com | 1 redirects |
1 | q-xx.bstatic.com |
account.booking.cn
|
1 | account.booking.com |
account.booking.cn
|
1 | www.bstatic.com |
account.booking.cn
|
46 | 15 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.booking.cn |
www.booking.cn |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.booking.cn DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-23 - 2025-02-13 |
a year | crt.sh |
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-06-12 - 2024-05-18 |
a year | crt.sh |
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-29 - 2024-11-28 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2024-03-01 - 2024-12-31 |
10 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.d24e0790.eu-central-1.token.awswaf.com Amazon RSA 2048 M01 |
2023-07-26 - 2024-08-23 |
a year | crt.sh |
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA |
2023-08-15 - 2024-09-13 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2023-11-13 - 2024-11-12 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://account.booking.cn/
Frame ID: 6C9DF24332B7DFB430EAE43BFD424E79
Requests: 44 HTTP requests in this frame
Frame:
https://www.booking.com/cookiebanner.html
Frame ID: CA6E344949A7DCFA644ED2282828F784
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Booking.com缤客Page URL History Show full URLs
-
http://account.booking.cn/
HTTP 307
https://account.booking.cn/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
OneTrust (Cookie compliance) Expand
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
PerimeterX (Security) Expand
Detected patterns
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Terms & Conditions
Search URL Search Domain Scan URL
Title: Privacy Statement
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://account.booking.cn/
HTTP 307
https://account.booking.cn/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js HTTP 307
- https://d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
46 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
account.booking.cn/ Redirect Chain
|
274 KB 68 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_etnht
www.booking.com/ |
35 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
511_0fd724c6bf33b8532901.css
cf.bstatic.com/psb/accountsportal/assets/ |
242 KB 243 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
534_d69b727ee73ff93236e4.css
cf.bstatic.com/psb/accountsportal/assets/ |
22 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
57_39298f44d077a144fe18.css
cf.bstatic.com/psb/accountsportal/assets/ |
21 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OtAutoBlock.js
cdn.cookielaw.org/consent/22eb94ef-b1f8-4203-be2b-b456ff8e5df3/ |
5 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
511_0fd724c6bf33b8532901.css
cf.bstatic.com/psb/accountsportal/assets/ |
242 KB 386 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
534_d69b727ee73ff93236e4.css
cf.bstatic.com/psb/accountsportal/assets/ |
22 KB 386 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
57_39298f44d077a144fe18.css
cf.bstatic.com/psb/accountsportal/assets/ |
21 KB 387 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie-banner.min.js
www.bstatic.com/libs/privacy-consent/1.0.0/customer/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime~index_59ed85af9b7228cfa1ac.js
cf.bstatic.com/psb/accountsportal/assets/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
842_e5547ceb6a6b2fb48380.js
cf.bstatic.com/psb/accountsportal/assets/ |
42 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
511_c821cb8b5c2a13b1c9ba.js
cf.bstatic.com/psb/accountsportal/assets/ |
346 KB 346 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
534_35c0c4879f5895d43042.js
cf.bstatic.com/psb/accountsportal/assets/ |
197 KB 197 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
361_7ae1c6c4ea752f140eb1.js
cf.bstatic.com/psb/accountsportal/assets/ |
45 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
373_14c210e2fa24f5558473.js
cf.bstatic.com/psb/accountsportal/assets/ |
123 KB 123 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
699_8be78a0b024a1477942d.js
cf.bstatic.com/psb/accountsportal/assets/ |
13 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_82356ee3cd58c2e052eb.js
cf.bstatic.com/psb/accountsportal/assets/ |
443 KB 444 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fvtrpw.gif
account.booking.com/_/ |
35 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
js-metric
account.booking.cn/ |
12 B 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
us.png
q-xx.bstatic.com/backend_static/common/flags/new/48-squared/ |
642 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report-uri
nellie.booking.com/ |
2 B 318 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
track
www.booking.com/c360/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
track
www.booking.com/c360/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookiebanner.html
www.booking.com/ Frame CA6E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
challenge.js
d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com/d8c14d4960ca/c2181391033f/ Redirect Chain
|
1 MB 1 MB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 210 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
px.v7.5.3.min.js
r.bstatic.com/libs/asec/btmgmt/ |
269 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report-uri
nellie.booking.com/ |
2 B 317 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
verify
d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com/d8c14d4960ca/c2181391033f/ |
324 B 742 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.svg
xx.bstatic.com/static/img/ |
1 KB 1 KB |
Other
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
xx.bstatic.com/static/img/ |
610 B 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
22eb94ef-b1f8-4203-be2b-b456ff8e5df3.json
cdn.cookielaw.org/consent/22eb94ef-b1f8-4203-be2b-b456ff8e5df3/ |
6 KB 3 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxikkul2rm.px-cloud.net/api/v2/ |
538 B 784 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
68 B 425 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202308.1.0/ |
411 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us.json
cdn.cookielaw.org/consent/22eb94ef-b1f8-4203-be2b-b456ff8e5df3/5960a206-455d-4495-8981-3d8a43c9b243/ |
54 KB 14 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ |
13 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp-report-uri
nellie.booking.com/ |
2 B 316 B |
Other
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
telemetry
d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com/d8c14d4960ca/c2181391033f/ |
888 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collector
collector-pxikkul2rm.px-cloud.net/api/v2/ |
593 B 649 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
navigation_times
account.booking.cn/ |
0 2 KB |
XHR
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
telemetry
d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com/d8c14d4960ca/c2181391033f/ |
976 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.booking.com
- URL
- https://www.booking.com/c360/v1/track
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Booking (Travel)40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| E_ function| onBookingError object| booking object| booking_extra object| B object| $u object| webpackManifest string| webpackPublicPath object| webpackChunkbookings_web_accounts_portal_workspaces object| __core-js_shared__ object| core object| transportHooks function| OptanonWrapper object| PCM object| dataLayer function| handleSocialProviderResult undefined| params undefined| search_params string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| a2_0x7ffe function| a2_0x33bb object| AwsWafIntegration object| ChallengeScript string| _pxAppId string| _pxParam1 object| OneTrustStub object| PXikKuL2RM object| PX undefined| _ikKuL2RMhandler string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
account.booking.cn/ | Name: aliyungf_tc Value: 4d645b52bd0deb5fc692a3ff96b50fc22c0cda340459740e870810c313d459d9 |
|
account.booking.cn/ | Name: acw_tc Value: ac11000117131766848222180e0c250fe65892cd97dd78a3d10291588400cd |
|
.account.booking.cn/ | Name: bkng_ap Value: U2FsdGVkX1%2FztE4GrOzz5UFnuTjHmqmF%2F1u6D43vWZULBv6HK%2FvRpSJhJRSDeOuf4QT8ud%2F0ZXVb%0ACD2tgKv8Xg%3D%3D%0A |
|
.booking.cn/ | Name: bkng_sso_session Value: e30 |
|
.booking.cn/ | Name: bkng_sso_ses Value: e30 |
|
.booking.cn/ | Name: _ga Value: GA1.2.1587224971.1713176687 |
|
.booking.cn/ | Name: _gid Value: GA1.2.1668616299.1713176687 |
|
.booking.com/ | Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT8hqoqwQz32%2FAxEwqFDrJ%2FqmZ9AvpOa0wtuNwrR3dfCFmW4M8zio%2BAM8UlxA9hox7z21xiSMXB45MfqwLZBJ2bYjCXXRUF3v%2BXvOt0sUU7lu9qSvctjIJ6Z3bkUFzGnMXmMLFEnRM3DmNYlncMvHL4X |
|
.booking.cn/ | Name: pxcts Value: 6281fb97-fb12-11ee-b025-765271b031f6 |
|
.booking.cn/ | Name: _pxvid Value: 6281f00c-fb12-11ee-b025-2375d049c9bf |
|
account.booking.cn/ | Name: _pxff_cfp Value: 1 |
|
account.booking.cn/ | Name: _pxff_ddtc Value: 1 |
|
.account.booking.cn/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Apr+15+2024+12%3A24%3A47+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=95b3d747-a587-47bf-8c3f-6280fd7e1536&interactionCount=0&landingPath=https%3A%2F%2Faccount.booking.cn%2F&groups=C0001%3A1%2CC0002%3A0 |
|
.account.booking.cn/ | Name: bkng_ap_sso_session Value: eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiIzMTYzOWM3MS04N2ViLTRjOGQtYWE4ZC00NDRkNTBjMjA1MjciLCJzZXNzaW9ucyI6W119fQ |
|
.booking.cn/ | Name: _px3 Value: f8b9dbad2f356a50d936d22db4d69cd61442c28a62cf949c7c71be36db89011a:e8ggwIwCQBA8yS2D9mLqfuwdQTO7Q+vdwm4GPoufXHXqgnv5OPiVDC59fxuDuqRUtqqrpXKMIkBVFaUwbyysIg==:1000:N21gUHPkqOUl2fDudd52Xc/96bI61GeXouKqhV9kRd6bdeFLuUKOALs0+UvIfOaasSXjqRU+xtuGls60l74aX10Tv9EtFS1Mu9mHSzKpAmMU8EVfHmUCtNNg22e7V3MyNTwzCUq0oLYyyq7TNkkrA5TNWx59z2f+B2TPwubjSMOVXKkdU2OYQ89SjaBXJdwgKWwj6spEd/iipE3YjIABCrCctXVw6l9nJED0GEBGTOE= |
|
.booking.cn/ | Name: _pxde Value: 5ef0eac891457ce9ab18f6bd183becfa9b94938ba8a904c9dbb0c1ab10cd6d34:eyJ0aW1lc3RhbXAiOjE3MTMxNzY2ODgzODcsImZfa2IiOjAsImlwY19pZCI6W119 |
|
.account.booking.cn/ | Name: aws-waf-token Value: 79f7d038-4a4d-4e5a-8f46-7b25bf9c6b84:CQoAijhHo1JPAAAA:CJcRHJsfgQbk3tECAOuuzdvZoeSMAMHqlCdogFhjiI/DKWlM0y6gZ8Qgb1/FAMmIfQ7fQOmSnY2QVnwQ0zoM+BDaNkjTk/WM+mDFaR4plAd78iuc0uYIm7lFlE6BAd2Dp8Ea3Noa+vhSRLyJewwFNDkWEi+csdfhRUPhQTrJBTGrClnbdcUKCyprJ/pLMrK/wnt8I2zOYO3yEqHmz6WzY/8QHkOSLpeD9jYfJhZvxhRSp4LQ5jp68tcC3wQD0GfZvb+EljLllhlEpw/hU5/cNHd0UcHO+TcNYKHT |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors https://*.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=212&pid=5d19493654bf0172&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgSxyia5pklYbFK41uc0IK0Ujca39FFpP8ALQYbhclB33 |
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account.booking.cn
account.booking.com
cdn.cookielaw.org
cf.bstatic.com
collector-pxikkul2rm.px-cloud.net
d8c14d4960ca.d24e0790.eu-central-1.token.awswaf.com
d8c14d4960ca.edge.sdk.awswaf.com
geolocation.onetrust.com
nellie.booking.com
q-xx.bstatic.com
r.bstatic.com
www.booking.com
www.bstatic.com
www.google-analytics.com
xx.bstatic.com
www.booking.com
18.245.31.103
18.245.60.2
18.245.60.7
18.66.122.49
2001:4860:4802:36::178
203.107.55.174
2600:9000:2251:6800:5:bf05:acc0:93a1
2600:9000:2251:ac00:5:bf05:acc0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
35.190.10.96
52.222.236.42
99.86.4.128
06d8ce03d4f8447b2d1cb483dcc5f0cd5df4838665cd27b02f28de7b89d377f5
0b5a5fb76cddf3937186409c4cb95fc1cf9f857716fe30dfe797a2711da1533f
0c272ac742d5b1864c1143219478e17fb721b23503ba0aa980dc287ee04e5a02
0e3cd6436c3188852c7bc0a21b4c6789c22306fe5f5d64c1507d9f24590f7670
0f38146939d9901a8020d9678b310f9a5b0376ac36d49a2bafe8de0ef5b05d41
1ca4219d25c2f844695fdfa5beddf194424eacbe8a14b09deb4cd409efbcd8ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
29327314676671126ff9c9b0998e7a2ac03b7d7eda4bd00f6345dae7dff3570b
33406802ea9dc3de297509fc38072776b0a1562dc0b995f7bc9598a47cd7796e
399e67c92d90ecd50872f302adeda1a2f46485ac53ee97abd4fb18f8a6931900
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b928f885ae9dbe8b399bee58dfecb3a1a7ca2a3c3f0653a6f0ab644e868e811
532d3981645dfb889edaabf526037d90cafc21f13da2b6c4bedfbf3d7e78b036
59c25d214a62606483c6db51694d2ccbbe45f9a18080bc3d50282ec4d6ce68be
64fd714597c9fb75e14780197c2d674939eb1f61252aefc29cb36b17abe1ad27
69a38bd6af3d28e80705b33027f8743a56f1c301d038ce8f78237f327ea076fe
6d3e2d70e3e3ffb919fd2ce8d89721d4f2931bb069489c075eab2eab978f2bc7
75a71cdaacaaff9d859483ba785a6b058d64fd1c1007cdfcab7eaaf32e23188f
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
99af6690771b7b62a1325d0c0b38a9a0300c18921e4877dcf38a239b9c977502
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8
b72d6e12f49955f0e8e002a92fbf35b1b689c7c5c197af401321259ca33d002f
b832c527bbda9261af12c2391160af432b3a0324d4b121cd247258ea20ca2bd3
c2746928035bece5005e99e8510391dfbeee1669ab94d3efdf20969d8dd3eff7
c80b9838465a2c5aa19e06c25631cd22d81dd8c76563875ebfb4d35304dfba47
cf3e3110f9f91aa848ae3c0dc257e0e81eef54cdc1ca32f3e0ccff0c0284cc68
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d84999d183797b4f966cb30922ea78d372a2572ae46e4eb91665c59f211a810c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df95d494b154bc7ea6d978af82b1f1f252652e0093b195ce79c3467de942602c
e0dc60235dba1ab776de33a819d2019ae6b4048eaeb995c776e5b8b1cf24f106
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
f5bd53075026f481d98053156145456094449c12c9049008fd78cd1f86887503