www.me-airbnb.com
188.114.97.3  Malicious Activity! Public Scan

Submitted URL: http://www.me-airbnb.com/dfgnse/reservations
Effective URL: https://www.me-airbnb.com/dfgnse/reservations
Submission: On July 04 via api from US — Scanned from NL

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.me-airbnb.com.
TLS certificate: Issued by WE1 on June 6th 2024. Valid for: 3 months.
This is the only time www.me-airbnb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

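IP Address: 188.114.97.3, AS: 13335 (CLOUDFLAR...), Requests: 9, Redirects: 1
IP Address: 172.67.212.24, AS: 13335 (CLOUDFLAR...), Requests: 3
Total: 12 requests, 3 IPs

Apex Domain: me-airbnb.com, Subdomains: www.me-airbnb.com, Requests: 9, Transfer: 163 KB
Apex Domain: support-15.online, Subdomains: support-15.online, Requests: 3, Transfer: 1 KB
Total: 12 requests, 2 apex domains

Domain: www.me-airbnb.com, Requests: 9 (1 redirects), Requested by: www.me-airbnb.com
Domain: support-15.online, Requests: 3, Requested by: www.me-airbnb.com
Total: 12 requests, 2 domains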

This site contains no links.

Subject: me-airbnb.com, Issuer: WE1, Validity: 2024-06-06 - 2024-09-04, Valid: 3 months
Subject: support-15.online, Issuer: WE1, Validity: 2024-07-02 - 2024-09-30, Valid: 3 months

This page contains 1 frames:

Primary Page: https://www.me-airbnb.com/dfgnse/reservations
Frame ID: 66B65B901B10496A2643B7D2D92C78CF
Requests: 12 HTTP requests in this frame

Page Title

Airbnb

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 164 kB
Size: 510 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.me-airbnb.com/dfgnse/reservations HTTP 307
    https://www.me-airbnb.com/dfgnse/reservations Page URL
  2. https://www.me-airbnb.com/cdn-cgi/phish-bypass?atok=WGvSsIhEfg9104Jqb.zYakGqX0tYSeUpW1dDoooRnVc-1720131448-0.0.1.1-%2Fdfgnse%2Freservations HTTP 301
    https://www.me-airbnb.com/dfgnse/reservations Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.me-airbnb.com/dfgnse/reservations HTTP 307
  • https://www.me-airbnb.com/dfgnse/reservations

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
reservations
www.me-airbnb.com/dfgnse/
Redirect Chain
  • http://www.me-airbnb.com/dfgnse/reservations
  • https://www.me-airbnb.com/dfgnse/reservations
5 KB
2 KB
Document
General
Full URL
https://www.me-airbnb.com/dfgnse/reservations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
441c3703307657b8c33dca562bf81ba7b6c71f37496060559c802c2b7bcd2975
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
89e27c53aa461e4e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 22:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mv7vRBmR83t3cE88lO1hGp4iFgnQXAOYmWjnrnfn5iPjO9%2BME%2B5jD6XXauvJ8MaAhJTniFQ5DqflEEjy4HP%2BMnj9lCl2Mj0fRhSchiBIaCaOcUPCVzh4tvpTha3XH8NhIE7MQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.me-airbnb.com/dfgnse/reservations
Non-Authoritative-Reason
HttpsUpgrades
cf.errors.css
www.me-airbnb.com/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.me-airbnb.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/dfgnse/reservations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.me-airbnb.com/dfgnse/reservations
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:25:31 GMT
server
cloudflare
etag
W/"667e9dab-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
89e27c53da791e4e-FRA
expires
Fri, 05 Jul 2024 00:17:28 GMT
icon-exclamation.png
www.me-airbnb.com/cdn-cgi/images/
452 B
634 B
Image
General
Full URL
https://www.me-airbnb.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.me-airbnb.com/cdn-cgi/styles/cf.errors.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:28 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:25:31 GMT
server
cloudflare
etag
"667e9dab-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
89e27c540ab61e4e-FRA
content-length
452
expires
Fri, 05 Jul 2024 00:17:28 GMT
favicon.ico
www.me-airbnb.com/
5 KB
2 KB
Other
General
Full URL
https://www.me-airbnb.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8c1e55a95ed4d8c8b548036879c88730862e5701939d13634021871060175d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.me-airbnb.com/dfgnse/reservations
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BR12CaThkdIFZx9tGXWWDATZPnscUpwyBqKFI5ACQLBvQlOqDiINcz1lulBRp3NTnLS64n3FAKztkNK20CbasUg%2Fd9MnBxJiGQ5CVNFfeBUVSUKQETGr7LjGYomxfg%2BSH4cuog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
89e27c542ad31e4e-FRA
alt-svc
h3=":443"; ma=86400
Primary Request reservations
www.me-airbnb.com/dfgnse/
Redirect Chain
  • https://www.me-airbnb.com/cdn-cgi/phish-bypass?atok=WGvSsIhEfg9104Jqb.zYakGqX0tYSeUpW1dDoooRnVc-1720131448-0.0.1.1-%2Fdfgnse%2Freservations
  • https://www.me-airbnb.com/dfgnse/reservations
522 B
675 B
Document
General
Full URL
https://www.me-airbnb.com/dfgnse/reservations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3253d3dcc5417c6e252056109b3919f46b4a01e7bef8c3f5da8bdd3fa02a8f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.me-airbnb.com/dfgnse/reservations
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
89e27c739af61e4e-FRA
content-encoding
br
content-type
text/html
date
Thu, 04 Jul 2024 22:17:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KQ%2BuQyw1qI3ghulSDkzu7I%2FdvyF%2F3vYEYkRM6x6DbKTo5WL9S1lnHFeVMGrqERyVM916DASevWtjZSE3gaCKHC%2BUxUT1ksBeV6b5I%2FGUgKoT7HYst5x92TiRavNrX%2FIaKrrJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
private, no-cache
cf-ray
89e27c737ad41e4e-FRA
content-length
167
content-type
text/html
date
Thu, 04 Jul 2024 22:17:33 GMT
location
https://www.me-airbnb.com/dfgnse/reservations
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
index-VpamsGcD.js
www.me-airbnb.com/assets/
426 KB
142 KB
Script
General
Full URL
https://www.me-airbnb.com/assets/index-VpamsGcD.js
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/dfgnse/reservations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faba27f48eefd3cedcc4c0a3d28df5e0f2eaeb1d5a59b2e5700c4978805089c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.me-airbnb.com/dfgnse/reservations
Origin
https://www.me-airbnb.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 19:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"436703-1720036050914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iY6lvZUwDjSDlh1KEvToiOpNEqQlkmboCvVJsRPVhSoHM%2FvJbBUz9SaHiDJ6SCUoNHv7M%2BMNbVbiHpiGxHsG2ZrQp2Ya2XhGC5QrKwaUvPgLolIJhW3QaxXiF5eAEZsQdkUkUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
89e27c745bab1e4e-FRA
alt-svc
h3=":443"; ma=86400
index-CVYvM4dx.css
www.me-airbnb.com/assets/
46 KB
9 KB
Stylesheet
General
Full URL
https://www.me-airbnb.com/assets/index-CVYvM4dx.css
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/dfgnse/reservations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
437f38110ff9a556506553fa852358789f158381015925a729da0a8fb3fb0c17

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.me-airbnb.com/dfgnse/reservations
Origin
https://www.me-airbnb.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 19:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"46817-1720036050914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igAKonALbEUHkUWn29x78g6E7dmNL0OK6zct0d8K0%2BGzLjYlQOoIPCH2Zh6krKh6EoP1ZH4%2FjZEktvzMbRHIY%2FfRAEbM4SNABUo26Us3mgAzhXmoDp5%2FU6vWBVDp3shLtvK2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
89e27c745bac1e4e-FRA
alt-svc
h3=":443"; ma=86400
/
support-15.online/api/socket/
118 B
553 B
XHR
General
Full URL
https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_qmN2
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/assets/index-VpamsGcD.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61ac5f79575e35fd6c1863ccb4e720f5e91a8e85fbc5fdf797cbffba50a7b8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://www.me-airbnb.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FNmEcUzHmoD1sJTWiGW9vkQa4jRGOBWMFHawXCXDrs38WEZiU%2FocyL%2BEzz7TEpwiyTynCQd2noMay5gcFcAO82EpXb3J%2BnG4wKCwxVAALpCdEp6MHJVJmDxjvKJt9lajze8fqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
cf-ray
89e27c767b4365bd-FRA
alt-svc
h3=":443"; ma=86400
bnb_logo.ico
www.me-airbnb.com/
4 KB
2 KB
Other
General
Full URL
https://www.me-airbnb.com/bnb_logo.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba669d9ce07a2d4689edadaf5178a3296442567f4006e8e0e7de94b845c4a81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.me-airbnb.com/dfgnse/reservations
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 03 Jul 2024 19:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4286-1720036050350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QuJqvIRosoce02GRuodNhT5zl8RCfCnj09EhcA7DYoNcFymhTxHcvGtSsJrLvm53s3Tk7oDg%2FupFWTUQaJK8Z4%2BcP8i%2FYFL%2BwCtiDNOc5td%2FoGsPRK8aAw0UckKMg0NOAstGeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
89e27c763d511e4e-FRA
alt-svc
h3=":443"; ma=86400
/
support-15.online/api/socket/
2 B
404 B
XHR
General
Full URL
https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_qmPy&sid=2mGL3bcsp3OBdiNIABBJ
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/assets/index-VpamsGcD.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain;charset=UTF-8
Accept
*/*
Referer
https://www.me-airbnb.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwvZeg2xECNzWWDGBZ3oOqLVrexy0LXVlqChT8oRdeRiKndOzQTq3eEMJaaGBWfbj9jk7cwzxTznZeO0gn2v7esamzmlS8Rb9BAt%2FpLFNoZ%2FLs9rWcIK%2BR9XTlPz7r427%2BSh1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
access-control-allow-origin
*
cache-control
no-store
cf-ray
89e27c773c0265bd-FRA
alt-svc
h3=":443"; ma=86400
/
support-15.online/api/socket/
32 B
444 B
XHR
General
Full URL
https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_qmPz&sid=2mGL3bcsp3OBdiNIABBJ
Requested by
Host: www.me-airbnb.com
URL: https://www.me-airbnb.com/assets/index-VpamsGcD.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.212.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1cb19a6b2a27d43447951236b9ac9048522b6bb45c607347b92983cb5dc19ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*/*
Referer
https://www.me-airbnb.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:17:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SN1DHn8ACucytfZL6yuPpfTRC%2BxEzulbCIKIiZTlDYpxB8x%2F1V%2Fvxep2YLsUNQgm9m5vKdw6KA1Unft12XqxoHzkEmVOZaRF6vucdGKuW9BkwiAt5iKoXJQG%2FluDbIH1epAC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
cf-ray
89e27c773c0665bd-FRA
alt-svc
h3=":443"; ma=86400
content-length
32
/
support-15.online/api/socket/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
support-15.online
URL
https://support-15.online/api/socket/?EIO=4&transport=polling&t=P1_qmRo&sid=2mGL3bcsp3OBdiNIABBJ

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
undefined | event
object | fence
object | sharedStorage
string | __reactRouterVersion

1 Cookies

Domain/Path Name / Value
.www.me-airbnb.com/ Name: __cf_mw_byp
Value: WGvSsIhEfg9104Jqb.zYakGqX0tYSeUpW1dDoooRnVc-1720131448-0.0.1.1-/dfgnse/reservations

1 Console Messages

Source: network
Level: error
URL: https://www.me-airbnb.com/assets/index-VpamsGcD.js (Line 39)
Message: WebSocket connection to 'wss://support-15.online/api/socket/?EIO=4&transport=websocket&sid=2mGL3bcsp3OBdiNIABBJ' failed: Error during WebSocket handshake: Unexpected response code: 400

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN