airbnbreservconnect.com Open in urlscan Pro
172.67.208.55  Malicious Activity! Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response airbnbreservconnect.com/	509 B 752 B	179ms 123ms	Document text/html	172.67.208.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnbreservconnect.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29f28eb7adea20559080ffb73c0feee1acf41c713254d96fa86e8c11f6856513 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 891586c75ea84d40-FRA content-encoding br content-type text/html date Mon, 10 Jun 2024 01:18:16 GMT last-modified Fri, 07 Jun 2024 14:20:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyNTNFYroPVG2VWIO1ygi8%2FNm7QygdVUiglyA%2BA9txS9bBMekZst2ZsQTrJOTnrQ9HLr0biDRWCZZ81LARXkcJ3hhq2ftJx7etY%2FMlpKo%2BlIy7IRNxxwyEQKrSDocisLPyM0hk%2BhJNzTow%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	style.css airbnbreservconnect.com/	2 MB 893 KB	131ms 130ms	Stylesheet text/css	172.67.208.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnbreservconnect.com/style.css Requested by Host: airbnbreservconnect.com URL: https://airbnbreservconnect.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a824319b735485232494e36e4d2fca1ca96901dc46034bb8f89840a60aa9777 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://airbnbreservconnect.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 01:18:16 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 07 Jun 2024 14:19:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6663170f-216ce5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6Lr8hBvVlYC4JCBKdwr2JewMOIajoeiDEKelyWwXaAblEClYdbmzbCgvXV8KP1MmJXwxqYnFyk0QR9etGQM1jHuAsb0vFzTmzm%2FEnGtnuDIpj1joM66ON3%2BmBICf1N4QjtOna3H51o9Dg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 891586c82f144d40-FRA alt-svc h3=":443"; ma=86400
GET H3	200	main.121e5c08.js Show response airbnbreservconnect.com/static/js/	584 KB 114 KB	426ms 425ms	Script application/javascript	172.67.208.55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://airbnbreservconnect.com/static/js/main.121e5c08.js Requested by Host: airbnbreservconnect.com URL: https://airbnbreservconnect.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.208.55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6323d41b02dfdd6b2376f59b22d8ab4016ceb34dbf180e5d3180c4de18a7c251 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://airbnbreservconnect.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 01:18:16 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 07 Jun 2024 14:20:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66631713-92155" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VT7ivrQnQYdBjfeClKtqqyWba4OGS8WApcab6r3apB0VQjDxTVvSspeFZKlwWdyx2oVY0WNE4rNLO466K2NvqbnjR%2BUZZR0F049%2FpzTI4R7ikm9kW1UsT0CcAxDAN%2FWn2fHE7g5JPYxyKA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 891586c82f154d40-FRA alt-svc h3=":443"; ma=86400
GET H2	200	android-icon-192x192-c0465f9f0380893768972a31a614b670.png a0.muscache.com/airbnb/static/icons/	7 KB 8 KB	367ms 63ms	Other image/png	2.17.113.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://a0.muscache.com/airbnb/static/icons/android-icon-192x192-c0465f9f0380893768972a31a614b670.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.113.105 Manchester, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-113-105.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c88f6b661daca0190f2cd09d23cd304aaf50960c7687f7698a19189a8b28d9c9 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://airbnbreservconnect.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 4VWTdYN.wNBU8kcSHJrgIxVGtgksShcz date Mon, 10 Jun 2024 01:18:17 GMT x-content-type-options nosniff cachestatus cache strict-transport-security max-age=10886400; includeSubDomains x-amz-request-id 5Y5FE2S4EW1W852Z x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET alt-svc h3=":443"; ma=93600 content-length 7384 x-amz-id-2 untDwZn4VlsP98KQ6TBBbizEDR0DgElRNOv1Okyc9XThS5CXEYN7ECWFt9+pBd3LiHjdWE9rL2w= x-airbnb-sureride c1a1c.0.65711102.1717982297.1b87959%%h1 last-modified Wed, 10 Apr 2024 09:53:21 GMT server AmazonS3 accept-ch device-memory, ect etag "31ed5c4060dc0321ccfe3aa76e120a37" accept-ch-lifetime 2592000 content-type image/png access-control-allow-origin * access-control-allow-methods GET cache-control public, max-age=31536000 accept-ranges bytes akamai-request-bc [a=2.17.113.101,b=28866905,c=g,n=GB_EN_MANCHESTER,o=20940] timing-allow-origin * expires Tue, 10 Jun 2025 01:18:17 GMT
GET DATA	200 OK	truncated /	24 KB 24 KB		Font binary/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b06428a4009f63f0edb5c8cf89ffb84ea978a2b559cc4c14c8e7a0e130ceefc4 Request headers Referer Origin https://airbnbreservconnect.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type binary/octet-stream
GET DATA	200 OK	truncated /	23 KB 23 KB		Font binary/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b848d7113c5d21f463bd7b248115b78ae386d1628459bfcdb154f82f083bfc97 Request headers Referer Origin https://airbnbreservconnect.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type binary/octet-stream
GET DATA	200 OK	truncated /	24 KB 24 KB		Font binary/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b11f01105c8b416bc49025877708638fc1955dc31d2a3fa7904d4e0b0f4ac4b4 Request headers Referer Origin https://airbnbreservconnect.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type binary/octet-stream
GET H2	200	android-icon-192x192-c0465f9f0380893768972a31a614b670.png a0.muscache.com/airbnb/static/icons/	7 KB 0	309ms 309ms	Other image/png	2.17.113.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://a0.muscache.com/airbnb/static/icons/android-icon-192x192-c0465f9f0380893768972a31a614b670.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.113.105 Manchester, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-113-105.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c88f6b661daca0190f2cd09d23cd304aaf50960c7687f7698a19189a8b28d9c9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://airbnbreservconnect.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 4VWTdYN.wNBU8kcSHJrgIxVGtgksShcz date Mon, 10 Jun 2024 01:18:17 GMT x-content-type-options nosniff cachestatus cache x-amz-request-id 5Y5FE2S4EW1W852Z x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET alt-svc h3=":443"; ma=93600 content-length 7384 x-amz-id-2 untDwZn4VlsP98KQ6TBBbizEDR0DgElRNOv1Okyc9XThS5CXEYN7ECWFt9+pBd3LiHjdWE9rL2w= x-airbnb-sureride c1a1c.0.65711102.1717982297.1b87959%%h1 last-modified Wed, 10 Apr 2024 09:53:21 GMT server AmazonS3 accept-ch device-memory, ect etag "31ed5c4060dc0321ccfe3aa76e120a37" accept-ch-lifetime 2592000 content-type image/png access-control-allow-origin * access-control-allow-methods GET cache-control public, max-age=31536000 accept-ranges bytes akamai-request-bc [a=2.17.113.101,b=28866905,c=g,n=GB_EN_MANCHESTER,o=20940] timing-allow-origin * expires Tue, 10 Jun 2025 01:18:17 GMT
GET H3	200	info Show response api.drzteamsqd.pics/ws/	77 B 642 B	218ms 121ms	XHR application/json	172.67.169.208 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.drzteamsqd.pics/ws/info?t=1717982297045 Requested by Host: airbnbreservconnect.com URL: https://airbnbreservconnect.com/static/js/main.121e5c08.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ac42410b56267a2bcf81416080c4f059011ca93c1de8aab333c813b37d5418d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://airbnbreservconnect.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 10 Jun 2024 01:18:17 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lkBXdQu5RIYw9L0kTKB3BSqcUvgKkj%2B%2BXw2PRhOLnU0oeY4xIWLmsCe3EJtwuxPhj4iWT0yPIb%2FpXPDXM05IqfIkd1%2BB%2BfzWWRhHUtxQU1jQdIXeXrLPJtT0igaZjrL1VF6t6DR"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 access-control-allow-origin https://airbnbreservconnect.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cf-ray 891586cd483530c6-FRA alt-svc h3=":443"; ma=86400
GET H2	200	android-icon-192x192-c0465f9f0380893768972a31a614b670.png a0.muscache.com/airbnb/static/icons/	7 KB 0	276ms 276ms	Other image/png	2.17.113.105 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://a0.muscache.com/airbnb/static/icons/android-icon-192x192-c0465f9f0380893768972a31a614b670.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.113.105 Manchester, United Kingdom, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-113-105.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash c88f6b661daca0190f2cd09d23cd304aaf50960c7687f7698a19189a8b28d9c9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://airbnbreservconnect.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id 4VWTdYN.wNBU8kcSHJrgIxVGtgksShcz date Mon, 10 Jun 2024 01:18:17 GMT x-content-type-options nosniff cachestatus cache x-amz-request-id 5Y5FE2S4EW1W852Z x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET alt-svc h3=":443"; ma=93600 content-length 7384 x-amz-id-2 untDwZn4VlsP98KQ6TBBbizEDR0DgElRNOv1Okyc9XThS5CXEYN7ECWFt9+pBd3LiHjdWE9rL2w= x-airbnb-sureride c1a1c.0.65711102.1717982297.1b87959%%h1 last-modified Wed, 10 Apr 2024 09:53:21 GMT server AmazonS3 accept-ch device-memory, ect etag "31ed5c4060dc0321ccfe3aa76e120a37" accept-ch-lifetime 2592000 content-type image/png access-control-allow-origin * access-control-allow-methods GET cache-control public, max-age=31536000 accept-ranges bytes akamai-request-bc [a=2.17.113.101,b=28866905,c=g,n=GB_EN_MANCHESTER,o=20940] timing-allow-origin * expires Tue, 10 Jun 2025 01:18:17 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Airbnb (Hospitality)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0.muscache.com
airbnbreservconnect.com
api.drzteamsqd.pics
172.67.169.208
172.67.208.55
2.17.113.105
29f28eb7adea20559080ffb73c0feee1acf41c713254d96fa86e8c11f6856513
2ac42410b56267a2bcf81416080c4f059011ca93c1de8aab333c813b37d5418d
6323d41b02dfdd6b2376f59b22d8ab4016ceb34dbf180e5d3180c4de18a7c251
9a824319b735485232494e36e4d2fca1ca96901dc46034bb8f89840a60aa9777
b06428a4009f63f0edb5c8cf89ffb84ea978a2b559cc4c14c8e7a0e130ceefc4
b11f01105c8b416bc49025877708638fc1955dc31d2a3fa7904d4e0b0f4ac4b4
b848d7113c5d21f463bd7b248115b78ae386d1628459bfcdb154f82f083bfc97
c88f6b661daca0190f2cd09d23cd304aaf50960c7687f7698a19189a8b28d9c9