bnb.confirms-46041.com Open in urlscan Pro
2606:4700:3032::6815:3656 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bnb.confirms-46041.com/6395929262
Submission: On February 26 via automatic, source openphish (February 26th 2024, 12:14:42 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3032::6815:3656, located in United States and belongs to CLOUDFLARENET, US. The main domain is bnb.confirms-46041.com.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.

This is the only time bnb.confirms-46041.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Airbnb (Hospitality)

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3032::6815:3656	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2.19.96.243 2.19.96.243	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.70.66.29 52.70.66.29	14618 (AMAZON-AES) (AMAZON-AES)
22	3

20 2606:4700:3032::6815:3656 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bnb.confirms-46041.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.96.243 (Düsseldorf, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-243.deploy.static.akamaitechnologies.com

a0.muscache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.airbnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.airbnb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.66.29 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-66-29.compute-1.amazonaws.com

airbnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	confirms-46041.com 1 redirects bnb.confirms-46041.com	252 KB
2	airbnb.com 2 redirects airbnb.com — Cisco Umbrella Rank: 9776 www.airbnb.com — Cisco Umbrella Rank: 10592	3 KB
1	airbnb.de www.airbnb.de — Cisco Umbrella Rank: 156295
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	6 KB
1	muscache.com a0.muscache.com — Cisco Umbrella Rank: 8961	130 KB
22	5

	Domain	Requested by
20	bnb.confirms-46041.com	1 redirects bnb.confirms-46041.com
1	www.airbnb.de
1	www.airbnb.com	1 redirects
1	airbnb.com	1 redirects
1	cdnjs.cloudflare.com	bnb.confirms-46041.com
1	a0.muscache.com	bnb.confirms-46041.com
22	6

This site contains no links.

Subject Issuer	Validity	Valid
confirms-46041.com GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
www.airbnb.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-16` - `2025-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bnb.confirms-46041.com/6395929262
Frame ID: 9CAE4D67B2D745F59AE6E9E46A430E93
Requests: 14 HTTP requests in this frame

Frame: https://bnb.confirms-46041.com/chat/6395929262
Frame ID: B765BE37F431CFA4AEEAECA53717AD8F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airbnb | Vacation rentals, cabins, beach houses, & more

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

387 kB
Transfer

704 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://bnb.confirms-46041.com/chat/%7Bimage%7D HTTP 302
https://airbnb.com/ HTTP 301
https://www.airbnb.com/ HTTP 307
https://www.airbnb.de/?_set_bev_on_new_domain=1708906479_NzI3NDI5YTAzNjU4

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 6395929262 Show response
bnb.confirms-46041.com/ 39 KB
11 KB 1572ms
990ms Document
text/html 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed81be88c41f9c10e443132c06ace45508564c7c4a561ae7ad199d2464f519e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b3fd2158a73e3d-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 00:14:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V77a0NVd1Wp20Tr%2BdUpj7I16s2Q%2FCNMghYMslpu4x8N4IZ22xGQ%2BdAyY3rsOkMT006Y0Z0D%2BalYW7CTlKSatsCqDUYFoeA%2BKfxkGy6QqXBJCbr0QyLNeUHzSOIjv5g7614mENnkXbb2Azo9t73U25MUsmB%2FP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 chat.css
bnb.confirms-46041.com/build/ 3 KB
997 B 827ms
825ms Stylesheet
text/css 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/build/chat.css
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8afb-a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tRut8s38Li3EFOtvYzjiHiy97WnAdNda%2B8zaeONqB4RD64QXuZkL5negZg%2Fg63KKU8wvDtGM8mVWZIDXsflha9SOtnSR%2BTECxEDkVHE1aU5%2FAn%2FaquyCE3%2FS644Y2LzARuLT99tmrMgTFHx9hVstE3YLqzf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85b3fd279ded3e3d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 script2.js Show response
bnb.confirms-46041.com/css/airbnb/ 22 KB
6 KB 1087ms
1085ms Script
application/javascript 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/css/airbnb/script2.js
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e73d30d07be6b19a2378a4ba1756d4eff7e2425a9fc74de0560742a2f0648dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Feb 2024 18:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d3a490-58ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSnl77CBf%2BMBwxs3vUOemttefiXMEhZyC4zy93kDs%2FyVnwpMjfaSQPx5YkNxKFjkJvUb9rFcKbB9%2FkPmsXQlZdOlWcX%2Bm7%2Fd2eyNGTiqbRe9UqNIopBdTKqZHsk4w8G1Rl%2B9ki8Uf2wbROpiH4dQVIIHqp5l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85b3fd279df13e3d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
bnb.confirms-46041.com/css/airbnb/css/ 31 KB
7 KB 1098ms
1096ms Stylesheet
text/css 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95fd885fd024472895d8b09606e94ea9778ce31384a5fd49bc5d84465d93289

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b19-7c85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21ZhLjd8MFxUxPZYdSTgaxeQtxx89X77dD1v8ezlAAjimMVbVrO7Qv4F%2B0pXuJjAkPJy1x5mBQckaUZVtVFGn8M1wGLB1gZ7qk%2FBxd0ov9epoHxtK7L6697vJwkUaX%2F0Zf9HDTcDlFswwAT3FFM6Z7mV9%2B8u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85b3fd279dee3e3d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
bnb.confirms-46041.com/js/ 87 KB
32 KB 1357ms
1355ms Script
application/javascript 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/js/jquery.min.js
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:02:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8ae8-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k37zoRMbPW3oyFkQX3sUl9N2vGIOhvmDT%2BGm58b1GVgO3Kycj%2BPwAlvYu%2BE3DNakXGCvhdaZSebviBoY9Z7hiuuqwBh9vjrAnC6WC9YHcFQ5JfUy0L%2BixTXIwJPIEKFZadSowCcUoM8yRo9zaRK78%2FWjE1A0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85b3fd279df03e3d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 visa.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ 903 B
858 B 834ms
834ms Image
image/svg+xml 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/img/payments/visa.svg
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9356128a4fdd7f7021f5b46ccc0f1e8158fc5a3cfb42833dd9c0236834efc27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b3f-387"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqDcfpdHQbir4Xke6JlLwLTE7Kl5s9wr6ciNckSUXuqJ2krQoDZLirYwbyTce%2FX%2FZ6cgr%2FQPpA2HV91qRPaodwpE%2FBQRNfitEDXNr0HJGMucomVLrRQHmF5vSrZeF%2BBptHlDdkKKFyHapq%2FsPaJNVWglGc4N"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85b3fd27ae083e3d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 amex.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ 750 B
802 B 818ms
818ms Image
image/svg+xml 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/img/payments/amex.svg
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfbae0dacd10d301e21a35cda20b66fd32f1ffe176842fcb28590512d756503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b3e-2ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5D1%2B51TjpfK1RRmr7uUlRsNM6oP83EKpp5z0d2U02jVX0%2FlV1geQF7epHasDxRQFCjTjmZIQF6bXBAzpjcpx4ohYTh0aaVD1qFwl%2Bh%2F0IVGWlIca3%2FVfE1uh91AxJcdAtC7B6zTdUTD%2F7zMDxL0VcIrvRnG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85b3fd27ae0c3e3d-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 mc.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ 559 B
823 B 47ms
47ms Image
image/svg+xml 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/img/payments/mc.svg
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 910bfc606b7c82369fd37783518c86b3d909d0064479411385783f83f21363ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 635
etag: W/"65bf8b3f-22f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I56tWioESFg5hE2XA%2BFw3xaduztKaYszWz99otz%2FZcyyU%2FPz3RGmTVz44nTyDtoJ1EH2F0XQDHeQSRSganRreQi3BttibifCjx3pMvIT5P0wSexSlvz9Qv08VQ1GmcSfENpOInAh2Cyj%2BMKlZMlxg%2Fhi2%2B88"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85b3fd2c5aafd5bc-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 discover.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/img/payments/discover.svg
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ec8b9bf204c018f1ab19aae4788e72a0434731d166ae5b48f1e9ebc4495e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 635
etag: W/"65bf8b3e-65f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3SK3wsURLYG1xuxdPoEAkM12%2BikrsuUZC06jdYJlov6yHEoXwfVHguEvVbUzpP5hCYVWWZS3lv7zK%2BK%2BElXSsOLwMZsszZU%2FxoUxJeGJl%2FWvuMyVwK%2BWCU2zZZSj8IglWb93rgVcg09cs6FttMU8StctNUYY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85b3fd2c7ab9d5bc-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 6af96626-5805-4729-ab1e-01e46c3976c3.jpeg
a0.muscache.com/im/pictures/prohost-api/Hosting-16174606/original/ 129 KB
130 KB 705ms
551ms Image
image/avif 2.19.96.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a0.muscache.com/im/pictures/prohost-api/Hosting-16174606/original/6af96626-5805-4729-ab1e-01e46c3976c3.jpeg

Requested by

Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.96.243 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-243.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

fca6b19d362debd292ba17ffd10a4380961a45bf44b4ce68098ea8a2e197efbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
cachestatus: origin
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; includeSubDomains
alt-svc: h3=":443"; ma=93600
content-length: 132315
x-airbnb-sureride: c1a1o.0.ef601302.1708906477.cd2481e%%h1
last-modified: Sun, 25 Feb 2024 13:44:00 GMT
server: Akamai Image Manager
accept-ch: device-memory, ect
etag: "1cf7f2b18b47e2ee5f2340d76ba0888708b35deb"
x-frame-options: SAMEORIGIN
accept-ch-lifetime: 2592000
content-type: image/avif
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: private, no-transform, max-age=2554121
timing-allow-origin: *
expires: Tue, 26 Mar 2024 13:43:19 GMT

GET
H3 200 6395929262 Show response
bnb.confirms-46041.com/chat/ Frame B765 29 KB
9 KB 299ms
299ms Document
text/html 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/chat/6395929262
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0ebfb480cfaf72fe55f481384bfcecadb34a1745e5c55ca8d3cf0a8b852d9c8

Request headers

Referer: https://bnb.confirms-46041.com/6395929262
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85b3fd2ffc27d5bc-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Feb 2024 00:14:38 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwIljjTRxdPDb9OtFRfT5Yo9aCLriZ91IfqJKD%2Fz97uoKji4Zh8zvko1lTnjXxyu8CGl7kTpiSNLY9v5k6YPYyIm47UYJdeIc68aw3iqNySUGdheT4tMhAAMIZSNWfHjNsiUeo%2BBiDanTdNTV5m0ocG9nvfE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 user_send_status.php Show response
bnb.confirms-46041.com/ajax/ 0
495 B 276ms
276ms XHR
text/html 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/ajax/user_send_status.php
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bnb.confirms-46041.com/6395929262
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTJCVv0BeYWL7r%2BjzVjfQxe0BVKAFY17FkE%2BaPmg7E73IGoAEZyP3UAFpQUhOwFQccnq37wc%2FOKGJZvLE9Nrip2itnA2zSHvgv3vNL2XL%2BbCOnZsuQbaj%2BwIZIMNUDU%2BC8s9vjSD5Cd6m4Ytzk6%2FE6S0WGLr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 85b3fd2ffc28d5bc-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 air.woff
bnb.confirms-46041.com/css/airbnb/assets/fonts/ 32 KB
32 KB 49ms
49ms Font
application/font-woff 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/fonts/air.woff
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f54ad9011d6294256d51fd8467263bc03c73bbcf60fbb0ef7e6543e4d9a51c

Request headers

Referer: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Origin: https://bnb.confirms-46041.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: W/"65bf8b22-7e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pq741%2B8skH%2BRPTNOOV1tKdXFBuJupOhp46dtC6mGC6MLcB8k80U4P0KasBFPc2k31eGbYPTegzzallGS83MBy82GDQIftOf6eFLWuGD6hKYgcKD8UE4bHPrI1Q04QWOnoqfeDamsymEr%2BDel3wUZa%2F90%2F3e5"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85b3fd300c2ad5bc-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 air-light.woff
bnb.confirms-46041.com/css/airbnb/assets/fonts/ 32 KB
32 KB 91ms
91ms Font
application/font-woff 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/fonts/air-light.woff
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff0aa357bd18f90e1d8a001cd28716c1180a666885e42995dfae748cd794e5fe

Request headers

Referer: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Origin: https://bnb.confirms-46041.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: W/"65bf8b21-7ee0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P%2FVeDHYvmpqHVYl4%2BvC%2B0V9hmxOQBCuHzNKRPePcB0eWkqtWczmzndQIeq2ZeZLUZwdjTaufHVs6iJB0Eq9jpkEX65Y9AHszzfsrIkoM4%2B0dcbyjQxUttg2E5Bp94K%2BrCwaBzNbfO5R4NVafhfzYnOuvAzs"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85b3fd300c2bd5bc-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 air-bold.woff
bnb.confirms-46041.com/css/airbnb/assets/fonts/ 31 KB
32 KB 133ms
133ms Font
application/font-woff 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/css/airbnb/assets/fonts/air-bold.woff
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12fff6b197ff0c1bc02931bec0266105ea020b144a384c6a9bd38261cce7985

Request headers

Referer: https://bnb.confirms-46041.com/css/airbnb/css/main.css
Origin: https://bnb.confirms-46041.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: W/"65bf8b21-7d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmLsIXzs5l8LXV0po%2Bl0femMPCe9%2BPJBZ0o%2BYTEmTzmMywVlGM8YckWJQ6vCUUAm%2FxHUQ2NyxDPkrtmUV0jLldTunr5ZeOfNoUjXdDEHVmOjFwxtZznPBDa6T6yO%2Bs%2BxLz3daPaEJEkqrz9UV%2BWF4koIPdO6"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85b3fd300c2cd5bc-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat.css
bnb.confirms-46041.com/css/ Frame B765 106 KB
17 KB 51ms
51ms Stylesheet
text/css 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/css/chat.css
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/chat/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/chat/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: W/"65bf8b0b-1a924"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MA2I0mDqcDt4zRNw9%2F6dXMyrPZxDP8nKWNYER0mH9Fle%2B2Dqx8HPqToqJ2eHvQfdJ0fD1c7jqQaiaOCXLjBbx%2FcsN8NEEg2ola3iwF4JgRZrM1Zh34ita1SsksYBt3%2B0xe9oDlHeJTTXhe%2BJBgyhU88HItx3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85b3fd31dcf7d5bc-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame B765 30 KB
6 KB 98ms
36ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/chat/6395929262

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 509972
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlgQ7HtQEs6hEyaZkg1MuNu%2FzenneNha2rxRvrq7lGKB1Hj02g6KdsYy3qIIGU10CwacghzE5N9S71JrivjwFOQsKrQsF4t3VRkibIzJXnVY%2FXUdofz760W1pD9j12HlPeSt6NSE3NESuWMOUGlWrhT9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85b3fd323b9c2c2d-FRA
expires: Sat, 15 Feb 2025 00:14:38 GMT

GET
H3 200 support.png
bnb.confirms-46041.com/img/ Frame B765 15 KB
16 KB 48ms
48ms Image
image/png 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnb.confirms-46041.com/img/support.png
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/chat/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/chat/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:02:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: "65bf8ae0-3d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SA%2BeA57ZkeQd8oJbdUaevhIdSjgWtML5bq3ZKLxwJYeCLRVbytnayCw0KSHvKPs0iMtT7rJuBMHr82h8oPyV3nITvNSMRXffHFTbcMo3ZxnYFu0rLKUSaw%2F6sNW0t6m050xFKfIaLSvVUc8CtLEvhea32stv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85b3fd31dcf8d5bc-CDG
alt-svc: h3=":443"; ma=86400
content-length: 15634

GET
H3 200 support-open.png
bnb.confirms-46041.com/img/ Frame B765 21 KB
21 KB 49ms
49ms Image
image/png 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bnb.confirms-46041.com/img/support-open.png
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/chat/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/chat/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:02:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: "65bf8adf-5400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghyt%2F26ZWHPTD8cqNqjX0B%2BS4q6MhLTcOf82uaHCpXCsV6wJQtCgdeCbqeseOn1mTJhDX5ghc3ebu9%2FNcx878zXhBjuVlICYNe4z4%2FpIGCldIGnM7yj6Ud8UbYlmFGCqfmql7M2Y8cidJKBpAcgd%2F1%2B2Qb6L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85b3fd31dcf9d5bc-CDG
alt-svc: h3=":443"; ma=86400
content-length: 21504

GET
H3 200 jquery.min.js Show response
bnb.confirms-46041.com/dist/new_card_design/ Frame B765 87 KB
32 KB 52ms
52ms Script
application/javascript 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/dist/new_card_design/jquery.min.js
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/chat/6395929262
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/chat/6395929262
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 636
etag: W/"65bf8b46-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41d1z3fxs%2BJCFmFKkTvMrbf3zpGg3cGB08fXVj0lpTZh3TyO2OmnS4v1jZqKOgnEvp5h8nUc2jv0UIPrQVeywCKeU%2FIurrQ4AvFgbtBwZXH7J6g6SrmH%2FIU83pmN%2FbAJqDvCMdpXcan%2FeL3BjdYG%2FdozUu8q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85b3fd31dcfad5bc-CDG
alt-svc: h3=":443"; ma=86400

POST
H3 200 msg_check.php Show response
bnb.confirms-46041.com/ajax/ Frame B765 5 KB
1 KB 287ms
287ms XHR
text/html 2606:4700:3032::6815:3656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bnb.confirms-46041.com/ajax/msg_check.php
Requested by: Host: bnb.confirms-46041.com
URL: https://bnb.confirms-46041.com/dist/new_card_design/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:3656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c616280d41370361d4c1317a21154976d765da254b5c85d38fe1941a6deac2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bnb.confirms-46041.com/chat/6395929262
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Feb 2024 00:14:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHJKqbLP9z%2FJ4Rk%2B%2BUHVrUdiVBYU14tgq%2B5my3MQMb0EAm5CYeMORkqVd7RvqaYyV2LPj8kOmif5yIijpUgywNejO9iEoxEat87haUqbnBuYb25VBsCW8wkesEkOREqzIkXXpeCzT82WSVh1e%2BYLV%2BXsQgQA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 85b3fd328d1ad5bc-CDG
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.airbnb.de/ Frame B765
Redirect Chain

https://bnb.confirms-46041.com/chat/%7Bimage%7D
https://airbnb.com/
https://www.airbnb.com/
https://www.airbnb.de/?_set_bev_on_new_domain=1708906479_NzI3NDI5YTAzNjU4

0
0

228ms
210ms

Image
text/html

2.19.96.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airbnb.de/?_set_bev_on_new_domain=1708906479_NzI3NDI5YTAzNjU4
Protocol: H2
Server: 2.19.96.243 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-96-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bnb.confirms-46041.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

content-security-policy: default-src 'self' https:; connect-src 'self' https: wss://ws.airbnb.com; img-src 'self' https: data:; media-src 'self' https:; font-src 'self' data: https:; frame-src *; script-src 'self' https: 'unsafe-eval' 'sha256-rAm9O8JPZLtQmd84zMDzhsG5q35JscESxxcaFL7+DDc=' 'sha256-CZnW0hvLQpXhjRl/rvattFn8GcIhxi8fcsCstVugtsI=' 'sha256-96k+AOKIYoML3O+lb2L6QMfXHg/Ddn4WVb9vVVu6NMc=' 'sha256-x9qrZuocTEr1tOGphIwP5Mv7KhBpl6RF2jsvp2TcWoE='; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?controller=core-guest-loop&action=%2F&req_uuid=9615010b-c2bd-4a76-aa8d-3774fde68492&version=sha%3D21ef86afa963&report_only=false; report-to /tracking/csp?controller=core-guest-loop&action=%2F&req_uuid=9615010b-c2bd-4a76-aa8d-3774fde68492&version=sha%3D21ef86afa963&report_only=false; worker-src 'self' https:
strict-transport-security: max-age=10886400; includeSubdomains
x-erf-bev-bev-is-generated: 1
date: Mon, 26 Feb 2024 00:14:39 GMT
x-server-name: www.airbnb.com
cachestatus: on
x-browser-type: unknown
status: 307 Temporary Redirect
x-kraken-loop-name: core-guest-loop
x-envoy-upstream-service-time: 65
server-timing: cdn-cache; desc=NO-STORE, edge; dur=83, origin; dur=73
alt-svc: h3=":443"; ma=93600
content-length: 108
x-airbnb-sureride: c1a1o.0.ef601302.1708906479.cd24a48%%i1c1o%%t1d1o.4c33WcDL35XscTCWzyDG6w==%%h1
x-airbnb-internal-trace-id: 4c33WcDL35XscTCWzyDG6w==
server: nginx
accept-ch: Device-Memory, DPR, ECT, Sec-CH-UA-Platform-Version, Viewport-Width
x-frame-options: SAMEORIGIN
accept-ch-lifetime: 31536000
content-type: text/plain;charset=utf-8
location: https://www.airbnb.de/?_set_bev_on_new_domain=1708906479_NzI3NDI5YTAzNjU4
x-erf-bev-bev: 1708906479_NzI3NDI5YTAzNjU4
cache-control: no-store, max-age=0, private, must-revalidate
origin-trial: AtdXoK5xrDFy2rit7x35H4EMhMW2G3NPDSBN/zJAO+hqtfE5K8+Z20ZL+EU3N2O9cygooSqPs6G/g76ncVnobwQAAABveyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlNvZnROYXZpZ2F0aW9uSGV1cmlzdGljcyIsImV4cGlyeSI6MTcxNjk0MDc5OSwiaXNTdWJkb21haW4iOnRydWV9, AkOekvxwprBLSP7I2nhyRn5yZGt9lTJN6UIYziFKVYg5OhlzmlNDciWbBWkEQ5TYPz+aqsuIUT2pPEjPUD5dFAsAAABneyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-instrumentation: airbnb
x-server-lifecycle-phase: running

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Airbnb (Hospitality)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bnb.confirms-46041.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ic4jdrtcpc5dmhebsll1u8q2jn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0.muscache.com
airbnb.com
bnb.confirms-46041.com
cdnjs.cloudflare.com
www.airbnb.com
www.airbnb.de
2.19.96.243
2606:4700:3032::6815:3656
2606:4700::6811:180e
52.70.66.29
0e73d30d07be6b19a2378a4ba1756d4eff7e2425a9fc74de0560742a2f0648dc
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82c616280d41370361d4c1317a21154976d765da254b5c85d38fe1941a6deac2
83f54ad9011d6294256d51fd8467263bc03c73bbcf60fbb0ef7e6543e4d9a51c
84ec8b9bf204c018f1ab19aae4788e72a0434731d166ae5b48f1e9ebc4495e02
8dfbae0dacd10d301e21a35cda20b66fd32f1ffe176842fcb28590512d756503
910bfc606b7c82369fd37783518c86b3d909d0064479411385783f83f21363ef
9356128a4fdd7f7021f5b46ccc0f1e8158fc5a3cfb42833dd9c0236834efc27b
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3
c0ebfb480cfaf72fe55f481384bfcecadb34a1745e5c55ca8d3cf0a8b852d9c8
c12fff6b197ff0c1bc02931bec0266105ea020b144a384c6a9bd38261cce7985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed81be88c41f9c10e443132c06ace45508564c7c4a561ae7ad199d2464f519e6
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f95fd885fd024472895d8b09606e94ea9778ce31384a5fd49bc5d84465d93289
fca6b19d362debd292ba17ffd10a4380961a45bf44b4ce68098ea8a2e197efbf
ff0aa357bd18f90e1d8a001cd28716c1180a666885e42995dfae748cd794e5fe

bnb.confirms-46041.com Open in urlscan Pro 2606:4700:3032::6815:3656 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

3 IPs

2 Countries

387 kBTransfer

704 kBSize

1 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

1 Cookies

Indicators

bnb.confirms-46041.com Open in urlscan Pro
2606:4700:3032::6815:3656 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

387 kB
Transfer

704 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!