logement-reservation.com Open in urlscan Pro
179.43.187.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://logement-reservation.com/
Submission: On May 08 via automatic, source openphish (May 8th 2022, 1:28:15 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 179.43.187.65, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is logement-reservation.com.
TLS certificate: Issued by R3 on May 6th 2022. Valid for: 3 months.

This is the only time logement-reservation.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Airbnb (Hospitality)

Domain & IP information

	IP Address		AS Autonomous System
9	179.43.187.65 179.43.187.65		51852 (PLI-AS) (PLI-AS)
9	1

9 179.43.187.65 (Zurich, Switzerland)

ASN51852 (PLI-AS, PA)

logement-reservation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	logement-reservation.com logement-reservation.com	128 KB
9	1

	Domain	Requested by
9	logement-reservation.com	logement-reservation.com
9	1

This site contains links to these domains. Also see Links.

Domain
www.airbnb.org
community.airbnb.com
press.atairbnb.com
news.airbnb.com
careers.airbnb.com
investors.airbnb.com
www.facebook.com
twitter.com
instagram.com

Subject Issuer	Validity	Valid
logement-reservation.com R3	`2022-05-06` - `2022-08-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://logement-reservation.com/
Frame ID: FFD15C0E8052B82355296135C7487EDE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Information Facturation

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

128 kB
Transfer

389 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.airbnb.org/?locale=fr
Title: Airbnb.org : réponse aux catastrophes

Search URL Search Domain Scan URL

URL: https://www.airbnb.org/refugees
Title: Soutenir les réfugiés afghans

Search URL Search Domain Scan URL

URL: https://community.airbnb.com/?profile.language=fr
Title: Forum de la communauté

Search URL Search Domain Scan URL

URL: https://press.atairbnb.com/fr/
Title: Newsroom

Search URL Search Domain Scan URL

URL: https://news.airbnb.com/what-makes-airbnb-airbnb
Title: Lettre de nos fondateurs

Search URL Search Domain Scan URL

URL: https://careers.airbnb.com/
Title: Carrières

Search URL Search Domain Scan URL

URL: https://investors.airbnb.com/
Title: Investisseurs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AirbnbFrance

Search URL Search Domain Scan URL

URL: https://twitter.com/airbnb_fr

Search URL Search Domain Scan URL

URL: https://instagram.com/airbnb

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response logement-reservation.com/	53 KB 8 KB	170ms 36ms	Document text/html	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PHP/8.0.18 PleskLin Resource Hash `0aafec206ec94b48ead350ceae1ba2af227a43eb829f3d7e5670cb21d5b204ac` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Sun, 08 May 2022 01:28:11 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx x-powered-by PHP/8.0.18 PleskLin
GET H2	200	jquery-1.11.3.min.js Show response logement-reservation.com/js/	85 KB 29 KB	51ms 50ms	Script application/javascript	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/js/jquery-1.11.3.min.js Requested by Host: logement-reservation.com URL: https://logement-reservation.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers accept-language de-DE,de;q=0.9 Referer https://logement-reservation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT content-encoding br etag W/"621f720d-15392" last-modified Wed, 02 Mar 2022 13:33:01 GMT server nginx x-powered-by PleskLin content-type application/javascript
GET H2	200	fontair.css logement-reservation.com/css/	8 KB 2 KB	34ms 33ms	Stylesheet text/css	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/css/fontair.css Requested by Host: logement-reservation.com URL: https://logement-reservation.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `44440dd4c0ad4aafccfc023e4c5336177c27db0f556f1e7f4a816fe8fffcfdba` Request headers Referer https://logement-reservation.com/ Origin https://logement-reservation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT content-encoding br etag W/"624e32de-21e9" last-modified Thu, 07 Apr 2022 00:39:58 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	1.css logement-reservation.com/css/	92 KB 10 KB	31ms 31ms	Stylesheet text/css	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/css/1.css Requested by Host: logement-reservation.com URL: https://logement-reservation.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `8762cffec2504703067e6a7077ecdfe9c9429866a83419fc5ed051fa8cf915cc` Request headers accept-language de-DE,de;q=0.9 Referer https://logement-reservation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT content-encoding br etag W/"624e144b-16fc0" last-modified Wed, 06 Apr 2022 22:29:31 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	200	2.css logement-reservation.com/css/	80 KB 9 KB	47ms 46ms	Stylesheet text/css	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/css/2.css Requested by Host: logement-reservation.com URL: https://logement-reservation.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `e17256bd1b2520dfc436ab42b0e24e7091165919ab9b095f00ec9e7f2451b869` Request headers accept-language de-DE,de;q=0.9 Referer https://logement-reservation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT content-encoding br etag W/"624e144b-140ba" last-modified Wed, 06 Apr 2022 22:29:31 GMT server nginx x-powered-by PleskLin content-type text/css
GET H2	404	IXEOMQ8 logement-reservation.com/s0Aa/egFn/nJ/FIo6/QW9A/5uEXSpQNp9ri/dyIVCmg/dmMl/	0 0	48ms 48ms	Script text/html	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/s0Aa/egFn/nJ/FIo6/QW9A/5uEXSpQNp9ri/dyIVCmg/dmMl/IXEOMQ8 Requested by Host: logement-reservation.com URL: https://logement-reservation.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://logement-reservation.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT content-encoding br last-modified Fri, 06 May 2022 23:07:27 GMT server nginx etag W/"328-5de5fec109c61" content-type text/html
GET H2	200	Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2 logement-reservation.com/css/	24 KB 24 KB	27ms 27ms	Font font/woff2	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/css/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2 Requested by Host: logement-reservation.com URL: https://logement-reservation.com/css/fontair.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `b06428a4009f63f0edb5c8cf89ffb84ea978a2b559cc4c14c8e7a0e130ceefc4` Request headers Referer https://logement-reservation.com/css/fontair.css Origin https://logement-reservation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT last-modified Thu, 07 Apr 2022 00:39:56 GMT server nginx x-powered-by PleskLin etag "624e32dc-5e08" content-type font/woff2 accept-ranges bytes content-length 24072
GET H2	200	Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 logement-reservation.com/css/	24 KB 24 KB	26ms 26ms	Font font/woff2	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/css/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 Requested by Host: logement-reservation.com URL: https://logement-reservation.com/css/fontair.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `b11f01105c8b416bc49025877708638fc1955dc31d2a3fa7904d4e0b0f4ac4b4` Request headers Referer https://logement-reservation.com/css/fontair.css Origin https://logement-reservation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT last-modified Thu, 07 Apr 2022 00:40:00 GMT server nginx x-powered-by PleskLin etag "624e32e0-5ef0" content-type font/woff2 accept-ranges bytes content-length 24304
GET H2	200	Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2 logement-reservation.com/css/	23 KB 23 KB	27ms 26ms	Font font/woff2	179.43.187.65 PLI-AS
General Check archive.org Show headers Download Go to Full URL https://logement-reservation.com/css/Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2 Requested by Host: logement-reservation.com URL: https://logement-reservation.com/css/fontair.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 179.43.187.65 Zurich, Switzerland, ASN51852 (PLI-AS, PA), Reverse DNS Software nginx / PleskLin Resource Hash `b848d7113c5d21f463bd7b248115b78ae386d1628459bfcdb154f82f083bfc97` Request headers Referer https://logement-reservation.com/css/fontair.css Origin https://logement-reservation.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Sun, 08 May 2022 01:28:11 GMT last-modified Thu, 07 Apr 2022 00:39:59 GMT server nginx x-powered-by PleskLin etag "624e32df-5d48" content-type font/woff2 accept-ranges bytes content-length 23880

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Airbnb (Hospitality)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			logement-reservation.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: o5c7g65560f9or164tn3id33fr

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://logement-reservation.com/s0Aa/egFn/nJ/FIo6/QW9A/5uEXSpQNp9ri/dyIVCmg/dmMl/IXEOMQ8 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

logement-reservation.com
179.43.187.65
0aafec206ec94b48ead350ceae1ba2af227a43eb829f3d7e5670cb21d5b204ac
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
44440dd4c0ad4aafccfc023e4c5336177c27db0f556f1e7f4a816fe8fffcfdba
8762cffec2504703067e6a7077ecdfe9c9429866a83419fc5ed051fa8cf915cc
b06428a4009f63f0edb5c8cf89ffb84ea978a2b559cc4c14c8e7a0e130ceefc4
b11f01105c8b416bc49025877708638fc1955dc31d2a3fa7904d4e0b0f4ac4b4
b848d7113c5d21f463bd7b248115b78ae386d1628459bfcdb154f82f083bfc97
e17256bd1b2520dfc436ab42b0e24e7091165919ab9b095f00ec9e7f2451b869

logement-reservation.com Open in urlscan Pro 179.43.187.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

128 kBTransfer

389 kBSize

1 Cookies

10 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

logement-reservation.com Open in urlscan Pro
179.43.187.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

128 kB
Transfer

389 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!