airbnb.conf1rmed.com Open in urlscan Pro
172.67.223.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://airbnb.conf1rmed.com/
Submission: On July 04 via api (July 4th 2024, 10:31:45 pm UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 172.67.223.14, located in United States and belongs to CLOUDFLARENET, US. The main domain is airbnb.conf1rmed.com.
TLS certificate: Issued by WE1 on July 3rd 2024. Valid for: 3 months.

This is the only time airbnb.conf1rmed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.223.14 172.67.223.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.212.24 172.67.212.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	3

4 172.67.223.14 (United States)

ASN13335 (CLOUDFLARENET, US)

airbnb.conf1rmed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.212.24 (United States)

ASN13335 (CLOUDFLARENET, US)

support-15.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	conf1rmed.com airbnb.conf1rmed.com	153 KB
3	support-15.online support-15.online	1 KB
8	2

	Domain	Requested by
4	airbnb.conf1rmed.com	airbnb.conf1rmed.com
3	support-15.online	airbnb.conf1rmed.com
8	2

This site contains no links.

Subject Issuer	Validity	Valid
conf1rmed.com WE1	`2024-07-03` - `2024-10-01`	3 months	crt.sh
support-15.online WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://airbnb.conf1rmed.com/
Frame ID: 8E80AEF2C6F22DA5099839843A6F3D7C
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airbnb

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

155 kB
Transfer

477 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response airbnb.conf1rmed.com/	522 B 713 B	170ms 115ms	Document text/html	172.67.223.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnb.conf1rmed.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bc3253d3dcc5417c6e252056109b3919f46b4a01e7bef8c3f5da8bdd3fa02a8f` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 89e291196b809142-FRA content-encoding br content-type text/html date Thu, 04 Jul 2024 22:31:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qgDtBbZj%2B7iszkJc81Gm2%2FFj%2Bt4N%2FeEO4%2FspGD6B4hOhUs3dhKX32bP6h3BT2xLrbtxcqWTrmCVsvfEPgNiHVUMpMFEUW4ojf8uL%2FsSbsdo7YsETB%2BRh0nE39Z3swrSBHeaNKxeKw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	index-VpamsGcD.js Show response airbnb.conf1rmed.com/assets/	426 KB 142 KB	168ms 168ms	Script text/javascript	172.67.223.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnb.conf1rmed.com/assets/index-VpamsGcD.js Requested by Host: airbnb.conf1rmed.com URL: https://airbnb.conf1rmed.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `faba27f48eefd3cedcc4c0a3d28df5e0f2eaeb1d5a59b2e5700c4978805089c7` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://airbnb.conf1rmed.com/ Origin https://airbnb.conf1rmed.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 22:31:40 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 03 Jul 2024 19:47:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"436703-1720036050914" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMkXU2iPbcWQM4PvffGQ%2FO89szmeR4yVdWFiMtrndAhmWzEvv3OlSt%2F5yUnBPhAt5zCYXbQ6v7JL8pFHK%2Bd8B3ESadT1IN6pE9zjGDKSMRw%2FcqIxna0cFjZkc60FOUxXa6i6V3gCeA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 89e2911a3c2c9142-FRA alt-svc h3=":443"; ma=86400
GET H3	200	index-CVYvM4dx.css airbnb.conf1rmed.com/assets/	46 KB 9 KB	126ms 125ms	Stylesheet text/css	172.67.223.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnb.conf1rmed.com/assets/index-CVYvM4dx.css Requested by Host: airbnb.conf1rmed.com URL: https://airbnb.conf1rmed.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `437f38110ff9a556506553fa852358789f158381015925a729da0a8fb3fb0c17` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://airbnb.conf1rmed.com/ Origin https://airbnb.conf1rmed.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 22:31:39 GMT content-encoding gzip cf-cache-status MISS last-modified Wed, 03 Jul 2024 19:47:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"46817-1720036050914" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NRpOPcvm5HE8VCiixkSK0MlQW1%2FByjAzDfm0NZX97kvltkuUNFkhAjT0h9RAF5pVT4Vjr0MRs3WVaPoV9O2KpPEy0jvkPESiqayWQQ3F7CQm%2FElhhA3YCzL2QkJysGRLR5vZtEUDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=14400 cf-ray 89e2911a3c2d9142-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response support-15.online/api/socket/	118 B 556 B	179ms 115ms	XHR text/plain	172.67.212.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_t-r- Requested by Host: airbnb.conf1rmed.com URL: https://airbnb.conf1rmed.com/assets/index-VpamsGcD.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `68b4cb732a5670c8270544c440db494fa4411c149c96fe2bd078729deaf2ace1` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept / Referer https://airbnb.conf1rmed.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 22:31:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnEffjRj7sBaPnpJ33xGPGyNR8lLgLpGYXn1kzb3aGsFxmOoY6rNfeQfU7KT2fHYrX9jg6zHLXZoxXquCboVAnge4ojES%2FEUZqygrvbFYQs0JY%2BU6t6P9HzF%2FevNtMaExQ4t%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 89e2911c78f23624-FRA alt-svc h3=":443"; ma=86400
GET H3	200	bnb_logo.ico airbnb.conf1rmed.com/	4 KB 2 KB	121ms 120ms	Other image/x-icon	172.67.223.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnb.conf1rmed.com/bnb_logo.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.223.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9ba669d9ce07a2d4689edadaf5178a3296442567f4006e8e0e7de94b845c4a81` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://airbnb.conf1rmed.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 22:31:40 GMT content-encoding br cf-cache-status MISS last-modified Wed, 03 Jul 2024 19:47:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4286-1720036050350" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qgKRAxs%2FBr9d5cbj6OpQdiancYCyi2djRGTGd2nUScM2Wuh16C%2FBNzqiQUECLFdNbz8tvvOGtYrpSQ3JNCYOZVJ%2FNMhbaX1MUgPvnuLkizedvkr40OBK0%2FjdOYSdfc0knMrzpSNRw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon access-control-allow-origin * cache-control max-age=14400 cf-ray 89e2911c3de49142-FRA alt-svc h3=":443"; ma=86400
POST H3	200	/ Show response support-15.online/api/socket/	2 B 409 B	76ms 75ms	XHR text/html	172.67.212.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_t-ur&sid=zGlG5zdYSDxJsxwyABBZ Requested by Host: airbnb.conf1rmed.com URL: https://airbnb.conf1rmed.com/assets/index-VpamsGcD.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type text/plain;charset=UTF-8 Accept / Referer https://airbnb.conf1rmed.com/ sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 22:31:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2Bpv%2Bq5Qah%2FdATKuSRT3amt%2BdBoXEvlUGX4Ed4Y%2BqS3wIDNTclxCUo244rnfD%2Bxs8xFlwTgF3FPnLCQ4nofqCfVmQnWJNRuCqVZ7iGQTk%2FBALwK2L7nnBc2De3C3SEufmmBCmg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cache-control no-store cf-ray 89e2911d39cc3624-FRA alt-svc h3=":443"; ma=86400
GET H3	200	/ Show response support-15.online/api/socket/	32 B 441 B	111ms 111ms	XHR text/plain	172.67.212.24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_t-ut&sid=zGlG5zdYSDxJsxwyABBZ Requested by Host: airbnb.conf1rmed.com URL: https://airbnb.conf1rmed.com/assets/index-VpamsGcD.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `709da50386b87ee17a8b682448933e17437ef7bd78f5c86c3e97d9d04f46a662` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept / Referer https://airbnb.conf1rmed.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 04 Jul 2024 22:31:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilTxh93OCxemgxQA0V1vaZXmhhJ8n8wRQqNdv29qjSAIxXspJ7b8IRunznLJ%2FQ2l%2FcPUlZIUvfcriG7ClGdrxeIL0eDZGcIQ%2FyDWjl3vZsbLgclhGAuRUg1MpkA9VUroPpB7jg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 access-control-allow-origin * cache-control no-store cf-ray 89e2911d39cd3624-FRA alt-svc h3=":443"; ma=86400 content-length 32
GET		/ support-15.online/api/socket/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: support-15.online
URL: https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_t-we&sid=zGlG5zdYSDxJsxwyABBZ

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://airbnb.conf1rmed.com/assets/index-VpamsGcD.js(Line 39) Message: WebSocket connection to 'wss://support-15.online/api/socket/?EIO=4&transport=websocket&sid=zGlG5zdYSDxJsxwyABBZ' failed: Error during WebSocket handshake: Unexpected response code: 400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airbnb.conf1rmed.com
support-15.online
support-15.online
172.67.212.24
172.67.223.14
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
437f38110ff9a556506553fa852358789f158381015925a729da0a8fb3fb0c17
68b4cb732a5670c8270544c440db494fa4411c149c96fe2bd078729deaf2ace1
709da50386b87ee17a8b682448933e17437ef7bd78f5c86c3e97d9d04f46a662
9ba669d9ce07a2d4689edadaf5178a3296442567f4006e8e0e7de94b845c4a81
bc3253d3dcc5417c6e252056109b3919f46b4a01e7bef8c3f5da8bdd3fa02a8f
faba27f48eefd3cedcc4c0a3d28df5e0f2eaeb1d5a59b2e5700c4978805089c7

airbnb.conf1rmed.com Open in urlscan Pro 172.67.223.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

155 kBTransfer

477 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

airbnb.conf1rmed.com Open in urlscan Pro
172.67.223.14 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

155 kB
Transfer

477 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions