airbnb.confirms-5634.com Open in urlscan Pro
2606:4700:3037::ac43:c367 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://airbnb.confirms-5634.com/payment/6143398728
Submission: On March 05 via manual (March 5th 2024, 3:27:06 pm UTC) from NL — Scanned from NL

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3037::ac43:c367, located in United States and belongs to CLOUDFLARENET, US. The main domain is airbnb.confirms-5634.com.
TLS certificate: Issued by E1 on March 5th 2024. Valid for: 3 months.

This is the only time airbnb.confirms-5634.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Airbnb (Hospitality)

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3037::ac43:c367	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	93.186.134.242 93.186.134.242	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.5.118.152 52.5.118.152	14618 (AMAZON-AES) (AMAZON-AES)
22	3

20 2606:4700:3037::ac43:c367 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

airbnb.confirms-5634.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.186.134.242 (Italy) 1 redirects

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)

a0.muscache.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.airbnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.airbnb.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.118.152 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-118-152.compute-1.amazonaws.com

airbnb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	confirms-5634.com 1 redirects airbnb.confirms-5634.com	252 KB
2	airbnb.com 2 redirects airbnb.com — Cisco Umbrella Rank: 10035 www.airbnb.com — Cisco Umbrella Rank: 10892	3 KB
1	airbnb.nl www.airbnb.nl — Cisco Umbrella Rank: 250741
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	6 KB
1	muscache.com a0.muscache.com — Cisco Umbrella Rank: 9313	32 KB
22	5

	Domain	Requested by
20	airbnb.confirms-5634.com	1 redirects airbnb.confirms-5634.com
1	www.airbnb.nl
1	www.airbnb.com	1 redirects
1	airbnb.com	1 redirects
1	cdnjs.cloudflare.com	airbnb.confirms-5634.com
1	a0.muscache.com	airbnb.confirms-5634.com
22	6

This site contains no links.

Subject Issuer	Validity	Valid
confirms-5634.com E1	`2024-03-05` - `2024-06-03`	3 months	crt.sh
www.airbnb.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-16` - `2025-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://airbnb.confirms-5634.com/payment/6143398728
Frame ID: 22690FE1BB629F644976CD0F819C7A9D
Requests: 14 HTTP requests in this frame

Frame: https://airbnb.confirms-5634.com/chat/6143398728
Frame ID: 0F83408D229602FE7D58474B0979F5BD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Airbnb | Vacation rentals, cabins, beach houses, & more

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

290 kB
Transfer

605 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://airbnb.confirms-5634.com/chat/%7Bimage%7D HTTP 302
https://airbnb.com/ HTTP 301
https://www.airbnb.com/ HTTP 307
https://www.airbnb.nl/?_set_bev_on_new_domain=1709652423_MTc3MzBhZGUzM2Ex

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 6143398728 Show response
airbnb.confirms-5634.com/payment/ 39 KB
11 KB 580ms
543ms Document
text/html 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8318bdfa54a2464b48123d6a0106361f4e6980a64123f40868930299237405e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85fb20aef8140e37-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 15:27:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLgAQBWdyEL5GmKKW3kKTkiAabhWx1h%2Bb8%2Bb28xPFCmrOBnS6i0MJQ5UvATNapWfCfPLjJlxTrfJ4X9OaMIpANPJf8Kj1V8f55S7O3XHM9knkNumzk1JvHcnKkIC7wvgYuj2xTuWtP66QFv3atbWaR5tA31yCSw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 chat.css
airbnb.confirms-5634.com/build/ 3 KB
986 B 27ms
26ms Stylesheet
text/css 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/build/chat.css
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:02:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3376
etag: W/"65bf8afb-a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBKgBXb3qZqVhzuUdj7BldtLQkwoE4roBxh3w%2BLPgbXTQo8OU%2BR%2BTU6qYg5qcfNvykd%2Fjfpjffb%2BqRP2yJKeFbEmR%2F4wN3GZ6f%2F0ycPtFrmLWbGP88eFB6MOmaZ5LURrl05QbEgtKaGI9ZJHNGW4ZllYE5fLjoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85fb20b26ce00e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 script2.js Show response
airbnb.confirms-5634.com/css/airbnb/ 22 KB
6 KB 31ms
30ms Script
application/javascript 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/css/airbnb/script2.js
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e73d30d07be6b19a2378a4ba1756d4eff7e2425a9fc74de0560742a2f0648dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 18:57:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3376
etag: W/"65d3a490-58ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2oRHysTEVYKf9G4DrqseML4JFTPNu6lqTbUTYdQCAtAFJXqKBrAj%2BXWO0plFc1TtiBjZQO5MEQRm0z%2BBKJjqzcb4dofLSb3ssh2hcJs%2BVAhOyuoKXVgk%2BU6fcdYEqxL2PEROvSBdMP85mmjpRi9NBluS25Bkvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85fb20b26cec0e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
airbnb.confirms-5634.com/css/airbnb/css/ 31 KB
7 KB 34ms
34ms Stylesheet
text/css 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95fd885fd024472895d8b09606e94ea9778ce31384a5fd49bc5d84465d93289

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3376
etag: W/"65bf8b19-7c85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUd9yGyPOgGIIhDdTqlgQTOR2PIX48OCfBjIRZknnR8LYvedlZ3TeRWQBveQvhjK8g4PYP1F%2FES8YIypbhgVuuQL2YFHhrsz5K4hF6Tn5f4sXP5RjRASNkEz%2B1D3ZfFO6RFG2V6AQfsVvL5JSACvrQf1sJ%2FdyZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85fb20b26ce20e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
airbnb.confirms-5634.com/js/ 87 KB
32 KB 32ms
31ms Script
application/javascript 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/js/jquery.min.js
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:02:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3376
etag: W/"65bf8ae8-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dLgNfwfrYZEJvGvWf18C1svvcFbstU7qwz5rZv4VLvyeZreEqxAVblelIptwyjmfiHBqzrtICudau%2Bv4eSLvi9eTlcUNjSfLIg%2Bj9tnv0FObPHTntQRPHpTt1i9U3W2X6orcsn4ONDjNlrDmEDfFn3%2BhLLc8Z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85fb20b26ce40e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 visa.svg
airbnb.confirms-5634.com/css/airbnb/assets/img/payments/ 903 B
868 B 39ms
39ms Image
image/svg+xml 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/img/payments/visa.svg
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9356128a4fdd7f7021f5b46ccc0f1e8158fc5a3cfb42833dd9c0236834efc27b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3375
etag: W/"65bf8b3f-387"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BLJtT1%2BAMZNbSozh1WiPDKD5uH%2Fdd02ldmGhkixPYpbXuyBah%2Fjbe1TrrR8aNftG4RcO4lqmCr5VIAt%2BSJFuOlsqC614BI1WAK%2BvncBwjuT21E92j8q8xfvA33Q%2B3iaubvzojMA%2Bbl15bZ%2BD%2BX0BaL0McBiT3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85fb20b26ce50e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 amex.svg
airbnb.confirms-5634.com/css/airbnb/assets/img/payments/ 750 B
816 B 38ms
38ms Image
image/svg+xml 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/img/payments/amex.svg
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfbae0dacd10d301e21a35cda20b66fd32f1ffe176842fcb28590512d756503

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3375
etag: W/"65bf8b3e-2ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFzZaIT7x9x2jFrqZ2L%2BgiO8x%2BzrKArAsrByj6SuCXrl6WJnl6Wm%2B4SJCw8R9W%2BtF9HBcaG6xmKGV7gJqk7l%2BkYvdHnMJOtb629zx7x1sbhc%2Bgoxp4kXm9sAcQcyQuIRlyh9%2B8HHD8lS6k2RxNJ6G%2BzUYan2H14%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85fb20b26ce80e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 mc.svg
airbnb.confirms-5634.com/css/airbnb/assets/img/payments/ 559 B
739 B 26ms
26ms Image
image/svg+xml 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/img/payments/mc.svg
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 910bfc606b7c82369fd37783518c86b3d909d0064479411385783f83f21363ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3373
etag: W/"65bf8b3f-22f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkWOvuHv%2F14QjQsNFZsbYJm0cR41%2FigDNq%2FmoopnHwjeotA0l9NXT86fTkmZH4dsGOrzRYEEeh0Gcj8VnV78DPtWcYDt8g9n7cmUVXxjGBHAunGgkazrQAl6JWCge0veuQi4yG80GvWd8psr9DnwVJgbhW4kdOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85fb20b2ad540e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 discover.svg
airbnb.confirms-5634.com/css/airbnb/assets/img/payments/ 2 KB
1 KB 27ms
27ms Image
image/svg+xml 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/img/payments/discover.svg
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ec8b9bf204c018f1ab19aae4788e72a0434731d166ae5b48f1e9ebc4495e02

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/payment/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Feb 2024 13:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3373
etag: W/"65bf8b3e-65f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxjjcovWi%2FzCgXGoq0fQGEsPH2P3HN9aXODhZI0yRluJcypLj%2FtWrV2I8QuLrB6Y%2FcJSqtp44SWM%2BBKdpBY0Ka0MtpT7sB8b%2BjNOcn8ZCQJYD5H6OCYi1csdFArNOvOziIvzqHCnLawFqObWmQw7j%2Bgq4O%2FCfFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85fb20b2ad570e37-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 553c44a8-8015-467d-92b0-d22027fddaab.jpg
a0.muscache.com/im/pictures/ 32 KB
32 KB 328ms
151ms Image
image/avif 93.186.134.242
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a0.muscache.com/im/pictures/553c44a8-8015-467d-92b0-d22027fddaab.jpg

Requested by

Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.134.242 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4e0d4ec0ad816e239b82a35642815ec532ed929c32daac5eb78a27340caefd83

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
cachestatus: origin
x-content-type-options: nosniff
strict-transport-security: max-age=10886400; includeSubDomains
alt-svc: h3=":443"; ma=93600
content-length: 32558
x-airbnb-sureride: c1a1o.0.ee86ba5d.1709652421.b53fec54%%h1
last-modified: Tue, 05 Mar 2024 14:31:53 GMT
server: Akamai Image Manager
x-serial: 995
accept-ch: device-memory, ect
etag: "fbcb765eb9f7c2ce7ca19cf8e8f753eaf0c551fa"
x-frame-options: SAMEORIGIN
accept-ch-lifetime: 2592000
content-type: image/avif
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: private, no-transform, max-age=2588655
timing-allow-origin: *
expires: Thu, 04 Apr 2024 14:31:16 GMT

GET
H3 200 6143398728 Show response
airbnb.confirms-5634.com/chat/ Frame 0F83 29 KB
9 KB 402ms
402ms Document
text/html 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/chat/6143398728
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/payment/6143398728
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e37113bf91eaf606c01f83dc430a850b21572e44663869e6d67703c7e1d0655

Request headers

Referer: https://airbnb.confirms-5634.com/payment/6143398728
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85fb20b2bea8b8e2-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Mar 2024 15:27:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsSaz4tpb4wIR7XeYsA%2B5i1ZXM1ci65Z6BtQ1ct2SYgUxip2j2Q6DPixRFQgE5nIkbLq6cbZREL3jTNFg2F9FxVBAnuqOxo2SZoNvl62kho6m%2BQnCSMPShHdUg70k0usSETbncbwdE4jn%2FejTVljHXi7AXvSafo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 user_send_status.php Show response
airbnb.confirms-5634.com/ajax/ 0
543 B 367ms
367ms XHR
text/html 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/ajax/user_send_status.php
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://airbnb.confirms-5634.com/payment/6143398728
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oH2rZgXMTtvU0dRoADQmZqXDAPN6V%2Bspsz%2FFZQ%2Ft%2B%2FV%2F%2BNAKQEOGkD1ARFbZYqVLKS6UYk5ECLJv2XlUL7%2Fos%2FChbAzQpRJBVWyCII21HAnTpeXFAxPzCPWqJ9rSU0wzuD8pCixHDvfZREtiJt%2BTK%2FauEgC1%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 85fb20b2beadb8e2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 air.woff
airbnb.confirms-5634.com/css/airbnb/assets/fonts/ 32 KB
32 KB 404ms
403ms Font
application/font-woff 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/fonts/air.woff
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83f54ad9011d6294256d51fd8467263bc03c73bbcf60fbb0ef7e6543e4d9a51c

Request headers

Referer: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Origin: https://airbnb.confirms-5634.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b22-7e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVgCrgoU4kAl2JOgEB4uWCgtSVGsiOaL6RYMuiC72II4ckYxsM4gqnTAA7E2si22zGeZYzoPjJIpVWxHgvTkc3STGhWg8LxWb0vyrRJR1Bh0kDmttFIgrioHmz%2Bvgqc5TG6W6hixiuSZjhNLJs9blyITvYKR1mc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85fb20b2ceb5b8e2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 air-light.woff
airbnb.confirms-5634.com/css/airbnb/assets/fonts/ 32 KB
32 KB 484ms
484ms Font
application/font-woff 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/fonts/air-light.woff
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff0aa357bd18f90e1d8a001cd28716c1180a666885e42995dfae748cd794e5fe

Request headers

Referer: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Origin: https://airbnb.confirms-5634.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b21-7ee0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq7AUpB7oY3CNK6bXQNuJObFsitPAURU%2FoEOXRBFduDMbnRw6%2BEaTod5%2B%2FQ%2BIM9omoTx3NcVYu6MzebxYM5GO9Sf%2BZFrM4VO7LDYVu%2FXYfTAAsaqV2J%2BRoHYLkB4vodINWK5RNh6Asnnot7vzuQME%2BSAJ4mkqS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85fb20b2ceb8b8e2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 air-bold.woff
airbnb.confirms-5634.com/css/airbnb/assets/fonts/ 31 KB
32 KB 429ms
429ms Font
application/font-woff 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/css/airbnb/assets/fonts/air-bold.woff
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12fff6b197ff0c1bc02931bec0266105ea020b144a384c6a9bd38261cce7985

Request headers

Referer: https://airbnb.confirms-5634.com/css/airbnb/css/main.css
Origin: https://airbnb.confirms-5634.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b21-7d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXhrIrgyzw6WpUFCEx2rRS47I4uyPc1rxFxoTf85rpzydr2RZJBwWXmEC6%2Fl%2Fb2e04EabdBICOLShL73EXQKf6s6Bw6NlN9Je8%2F1FpSlbo%2FehicAIb3bwE5rtOMRb1oSp1LMOlFR%2FkrZL2Ip7D7zit5Nf9V5DWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 85fb20b2cebab8e2-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 chat.css
airbnb.confirms-5634.com/css/ Frame 0F83 106 KB
17 KB 669ms
669ms Stylesheet
text/css 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/css/chat.css
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/chat/6143398728
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/chat/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:03:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b0b-1a924"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0TcPYckGVeZ8XZ9RrlzvzcnG1pnwed9q2tIvqIHoU66pDyH2xo7SH9U4gLiplUaT0HcysZYud71QADkxRgjEOKDODLjIPbcxnq6f%2BEArRiUry5AcF8CDB2bgHdWMyhlKEG4ByvqlCbNv0FDVWq3WoWMu90H%2B9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85fb20b549f7b8e2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 0F83 30 KB
6 KB 65ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/chat/6143398728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 426910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ26bOpzQ7abH0%2FldHiUmgV0yS3BBYFwlYHDyLqf4lmO52gtqosgAVuJHy334P2qLEyFS6NzhejpkIr1OjBu2X00k3kZuwlatjVA6sPLvUORamnOvsXuJqBHgEbw5hKwB4lpX7ufY6mq01QuK5uM%2Bb4B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85fb20b57be57758-AMS
expires: Sun, 23 Feb 2025 15:27:02 GMT

GET
H3 200 support.png
airbnb.confirms-5634.com/img/ Frame 0F83 15 KB
16 KB 328ms
328ms Image
image/png 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airbnb.confirms-5634.com/img/support.png
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/chat/6143398728
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/chat/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:02 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:02:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bf8ae0-3d12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkpj2sKjhsYFrA0qG8JIw7vssLFqN0F%2ByjR1fOEflxmDewQGMydCWWjS423dQ3eK6AYL0SSbHdxU0%2BPAMgdXHwn5OKFNeBS9eXp1SwLGo%2BI1ZGNFQONkq2r59q0yzujj%2Fz3tvUiLXWzrEgJ8TOR9A9r3%2FTXuH28%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85fb20b549fab8e2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15634

GET
H3 200 support-open.png
airbnb.confirms-5634.com/img/ Frame 0F83 21 KB
21 KB 412ms
412ms Image
image/png 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://airbnb.confirms-5634.com/img/support-open.png
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/chat/6143398728
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/chat/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:02 GMT
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:02:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65bf8adf-5400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH8R3Xuhwgz2FbOoiE5k0nTalhh1dMdoxqjzKPLH8ciuOUY%2F%2FEVYKyd2O6tEVGvI9g3UTHfxanFfdlUkc2hnJup0ZCJEVNoWPG0gJe99cvO4nXcgptBUuisxkNFMfnWGHm6av%2BgsMgmnC3Rj%2BIBCIPm22C%2B2%2FPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85fb20b549fdb8e2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21504

GET
H3 200 jquery.min.js Show response
airbnb.confirms-5634.com/dist/new_card_design/ Frame 0F83 87 KB
32 KB 496ms
496ms Script
application/javascript 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/dist/new_card_design/jquery.min.js
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/chat/6143398728
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/chat/6143398728
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 15:27:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 04 Feb 2024 13:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bf8b46-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMRwKc5GQWMXEguVhWoqsy9FPIuepTxE2uUoAGSzveZU%2B8xoVwwqiC%2FQ9l%2F4M9DMUi8LjeiLFDuEg3qqIfrtNbWZrTWaT%2B%2BpTrvF2GENlgRrt9TQVaLoKIsfO2zB1ZcYf%2B8neBo%2B9uHFvtYN3TA9oLLEyBlZuZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85fb20b55a24b8e2-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 msg_check.php Show response
airbnb.confirms-5634.com/ajax/ Frame 0F83 3 KB
1 KB 369ms
369ms XHR
text/html 2606:4700:3037::ac43:c367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://airbnb.confirms-5634.com/ajax/msg_check.php
Requested by: Host: airbnb.confirms-5634.com
URL: https://airbnb.confirms-5634.com/dist/new_card_design/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:c367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6572d4f69bfb6a9f3ba009ccf6ef70c22f244da72e63c7c05b1e1df532e46823

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://airbnb.confirms-5634.com/chat/6143398728
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 15:27:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPb%2FdNHfTLG0E1OvqKcJvTORDAwReZEYakBYrZI%2FGfnTVoeZ7qbMiVFvr3OpPM6Qwj9Vxs8FjaHRlohZr52uPp3dLJyain7zYwy6LK3LmtU0jurqYPhwouk9GekGW4SBmYgSR%2BS%2FNKuX0L7UAGY1vYDq1mNMVaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 85fb20b98ed4b8e2-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.airbnb.nl/ Frame 0F83
Redirect Chain

https://airbnb.confirms-5634.com/chat/%7Bimage%7D
https://airbnb.com/
https://www.airbnb.com/
https://www.airbnb.nl/?_set_bev_on_new_domain=1709652423_MTc3MzBhZGUzM2Ex

0
0

275ms
275ms

Image
text/html

93.186.134.242
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.airbnb.nl/?_set_bev_on_new_domain=1709652423_MTc3MzBhZGUzM2Ex
Protocol: H2
Server: 93.186.134.242 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://airbnb.confirms-5634.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Redirect headers

content-security-policy: default-src 'self' https:; connect-src 'self' https: wss://ws.airbnb.com; img-src 'self' https: data:; media-src 'self' https:; font-src 'self' data: https:; frame-src *; script-src 'self' https: 'unsafe-eval' 'sha256-rAm9O8JPZLtQmd84zMDzhsG5q35JscESxxcaFL7+DDc=' 'sha256-CZnW0hvLQpXhjRl/rvattFn8GcIhxi8fcsCstVugtsI=' 'sha256-96k+AOKIYoML3O+lb2L6QMfXHg/Ddn4WVb9vVVu6NMc=' 'sha256-x9qrZuocTEr1tOGphIwP5Mv7KhBpl6RF2jsvp2TcWoE='; style-src 'self' https: 'unsafe-inline'; report-uri /tracking/csp?controller=core-guest-loop&action=%2F&req_uuid=36fe7490-454b-4803-b014-1feda701f66e&version=sha%3D72153f82027a&report_only=false; report-to /tracking/csp?controller=core-guest-loop&action=%2F&req_uuid=36fe7490-454b-4803-b014-1feda701f66e&version=sha%3D72153f82027a&report_only=false; worker-src 'self' https:
strict-transport-security: max-age=10886400; includeSubdomains
x-erf-bev-bev-is-generated: 1
date: Tue, 05 Mar 2024 15:27:03 GMT
x-server-name: www.airbnb.com
cachestatus: on
x-browser-type: unknown
status: 307 Temporary Redirect
x-kraken-loop-name: core-guest-loop
x-envoy-upstream-service-time: 43
server-timing: cdn-cache; desc=NO-STORE, edge; dur=116, origin; dur=50
alt-svc: h3=":443"; ma=93600
content-length: 108
x-airbnb-sureride: c1a1o.0.ee86ba5d.1709652423.b5402105%%i1c1o%%t1d1o.I-sMVlT6-lw2OuWIVznJHA==%%h1
x-airbnb-internal-trace-id: I-sMVlT6-lw2OuWIVznJHA==
server: nginx
accept-ch: Device-Memory, DPR, ECT, Sec-CH-UA-Platform-Version, Viewport-Width
x-frame-options: SAMEORIGIN
accept-ch-lifetime: 31536000
content-type: text/plain;charset=utf-8
location: https://www.airbnb.nl/?_set_bev_on_new_domain=1709652423_MTc3MzBhZGUzM2Ex
x-erf-bev-bev: 1709652423_MTc3MzBhZGUzM2Ex
cache-control: no-store, max-age=0, private, must-revalidate
origin-trial: AtdXoK5xrDFy2rit7x35H4EMhMW2G3NPDSBN/zJAO+hqtfE5K8+Z20ZL+EU3N2O9cygooSqPs6G/g76ncVnobwQAAABveyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlNvZnROYXZpZ2F0aW9uSGV1cmlzdGljcyIsImV4cGlyeSI6MTcxNjk0MDc5OSwiaXNTdWJkb21haW4iOnRydWV9, AkOekvxwprBLSP7I2nhyRn5yZGt9lTJN6UIYziFKVYg5OhlzmlNDciWbBWkEQ5TYPz+aqsuIUT2pPEjPUD5dFAsAAABneyJvcmlnaW4iOiJodHRwczovL2FpcmJuYi5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
x-instrumentation: airbnb
x-server-lifecycle-phase: running

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Airbnb (Hospitality)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			airbnb.confirms-5634.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cdd1r94npud2nmn3qgeqabqcce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0.muscache.com
airbnb.com
airbnb.confirms-5634.com
cdnjs.cloudflare.com
www.airbnb.com
www.airbnb.nl
2606:4700:3037::ac43:c367
2606:4700::6811:180e
52.5.118.152
93.186.134.242
0e73d30d07be6b19a2378a4ba1756d4eff7e2425a9fc74de0560742a2f0648dc
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8
4e0d4ec0ad816e239b82a35642815ec532ed929c32daac5eb78a27340caefd83
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb
6572d4f69bfb6a9f3ba009ccf6ef70c22f244da72e63c7c05b1e1df532e46823
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8318bdfa54a2464b48123d6a0106361f4e6980a64123f40868930299237405e1
83f54ad9011d6294256d51fd8467263bc03c73bbcf60fbb0ef7e6543e4d9a51c
84ec8b9bf204c018f1ab19aae4788e72a0434731d166ae5b48f1e9ebc4495e02
8dfbae0dacd10d301e21a35cda20b66fd32f1ffe176842fcb28590512d756503
910bfc606b7c82369fd37783518c86b3d909d0064479411385783f83f21363ef
9356128a4fdd7f7021f5b46ccc0f1e8158fc5a3cfb42833dd9c0236834efc27b
9e37113bf91eaf606c01f83dc430a850b21572e44663869e6d67703c7e1d0655
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3
c12fff6b197ff0c1bc02931bec0266105ea020b144a384c6a9bd38261cce7985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f95fd885fd024472895d8b09606e94ea9778ce31384a5fd49bc5d84465d93289
ff0aa357bd18f90e1d8a001cd28716c1180a666885e42995dfae748cd794e5fe

airbnb.confirms-5634.com Open in urlscan Pro 2606:4700:3037::ac43:c367 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

95 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

3 IPs

2 Countries

290 kBTransfer

605 kBSize

1 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

1 Cookies

Indicators

airbnb.confirms-5634.com Open in urlscan Pro
2606:4700:3037::ac43:c367 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

290 kB
Transfer

605 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!