| code.jquery.com/jquery-3.7.1.slim.min.js | 151.101.66.137 | 200 OK | 24 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.7.1.slim.min.js
IP: 151.101.66.137:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: Sectigo Limited
Certificate subject: *.jquery.com
Certificate fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65241)
Hash: af73dd50819a5fc22dff8b0ed2229d6c 8b1d5dbd114b9c92f4a20139e1aca3196d94814b 9261efb3407e3a9096e4654750d8eff6b3a663422f48845c7fbcc65034c340cf
GET /jquery-3.7.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-11278"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 16:14:51 GMT
age: 15234500
x-served-by: cache-lga21942-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 17175, 1664
x-timer: S1715184891.486943,VS0,VE0
vary: Accept-Encoding
content-length: 24036
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_postepay.65045e70e65761f29de3881049c6e9f3.svg | 23.218.92.88 | 200 OK | 2.1 kB |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_postepay.65045e70e65761f29de3881049c6e9f3.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 65045e70e65761f29de3881049c6e9f3 7f77166794a3ef994acc5b262c18f8d33a205ba0 56eda82069322f74250ebafbb4b723de9dd82662451885b2df76479c1e81f83e
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_postepay.65045e70e65761f29de3881049c6e9f3.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "65045e70e65761f29de3881049c6e9f3"
last-modified: Sun, 11 Feb 2024 02:51:49 GMT
server: Akamai Resource Optimizer
x-amz-id-2: zx7WdhTp6DuMcF9KMSbWdsXqJBSsO5bzXUQPixJcxFVC4WXG4Me4FJ18fUZYl+KnYAvjNXlFpZkawQN/4djUckIEBJsNbr8kV3Vh1nMacxE=
x-amz-replication-status: COMPLETED
x-amz-request-id: 3NF66YV5VZJ1FRXA
x-amz-server-side-encryption: AES256
x-amz-version-id: 7ijyMzXOZhu_o_lHsThgKtdPNyma7rkE
content-length: 2061
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545638,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3126%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_paypal.faa3042fa2daf6b4a9822cc4b43e8609.svg | 23.218.92.88 | 200 OK | 788 B |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_paypal.faa3042fa2daf6b4a9822cc4b43e8609.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: faa3042fa2daf6b4a9822cc4b43e8609 5ee49336d843fcdb2d2bd473947769b1a573130a e145566219cb9fdcd69165ffcd1ef1c3dcd1e0708970a583fba3944b0165df06
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_paypal.faa3042fa2daf6b4a9822cc4b43e8609.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "faa3042fa2daf6b4a9822cc4b43e8609"
last-modified: Wed, 27 Mar 2024 14:47:12 GMT
server: Akamai Resource Optimizer
x-amz-id-2: Xco8D45th7SonnT2usfAOKwI6r7ZaiAJ8iqeyUCwT6W9sabg2vEac2EDi3LaVzdd4471/r4gN5o=
x-amz-replication-status: COMPLETED
x-amz-request-id: TVFFXZ5CESWV5QZG
x-amz-server-side-encryption: AES256
x-amz-version-id: 89Qt5qcuOtU8TNC.6eHfS_ZQHMf6K96W
content-length: 788
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545639,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3127%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_googlepay.3f786bc031b59575d24f504dfb859da0.svg | 23.218.92.88 | 200 OK | 869 B |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_googlepay.3f786bc031b59575d24f504dfb859da0.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 3f786bc031b59575d24f504dfb859da0 103b13a835ba7512e098833bbb98c1650936c5ae ac84f2fc34fe75a6a6906dbabf5b10adcfa940f8ff8831a7c87a91e15b569ef1
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_googlepay.3f786bc031b59575d24f504dfb859da0.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "3f786bc031b59575d24f504dfb859da0"
last-modified: Sat, 02 Mar 2024 01:26:34 GMT
server: Akamai Resource Optimizer
x-amz-id-2: /iMBWRfGkxpy7FgdfttmrRWvV7WgmVCWyLrpuBz6FIlAeTrPPsTP1lhP6vynxIfuNOmKIMDNAGg=
x-amz-replication-status: PENDING
x-amz-request-id: TSBTV6HWWB702KDS
x-amz-server-side-encryption: AES256
x-amz-version-id: 3N5L.2tViMz03di15mYKAexHf5G5iaaU
content-length: 869
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545640,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3128%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_ideal.e05f58e3623503d7632b6f849761400a.svg | 23.218.92.88 | 200 OK | 723 B |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_ideal.e05f58e3623503d7632b6f849761400a.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: e05f58e3623503d7632b6f849761400a b35ac73e272be77315e132f6fbc1167b301e4ce4 24eb14bdf8df85ef029f8b4ec8a5fdead1fac261bdc023599b94e61452880c95
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_ideal.e05f58e3623503d7632b6f849761400a.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "e05f58e3623503d7632b6f849761400a"
last-modified: Tue, 09 Apr 2024 02:12:13 GMT
server: Akamai Resource Optimizer
x-amz-id-2: v9odVq9Q9a9PgPGuk2Dyx1wxM7hfkowKHHXP0LdFOwpwbqGaxz7l8McOU/I87wdCfNAlygPN70E=
x-amz-replication-status: COMPLETED
x-amz-request-id: TPHK8JQ6JYH5CPWT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2GkRDcJJ_nvy5Y.pyMCC_EY3ftyZno9F
content-length: 723
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545643,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a312b%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/im/pictures/9e86042f-a473-4e57-989a-12eeb771221a.jpg?im_w=720&width=720&quality=70&auto=webp | 23.218.92.88 | 200 OK | 67 kB |
URL: GET HTTP/2 a0.muscache.com/im/pictures/9e86042f-a473-4e57-989a-12eeb771221a.jpg?im_w=720&width=720&quality=70&auto=webp
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: e35424bc7f5857870599c9405af136d4 c18869bb9bb1e6e60eb19b1effd2fe6f25fbcc55 a6225a2a9c21343e3a5ea6e82d4b50250261fa0dbd29794b70ab3e244e7937e7
GET /im/pictures/9e86042f-a473-4e57-989a-12eeb771221a.jpg?im_w=720&width=720&quality=70&auto=webp HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
etag: "0bc755f2e7c931e3612f75010ac4e23f6618e830"
last-modified: Sat, 01 Jan 2022 13:27:07 GMT
server: Akamai Image Manager
unused62: 8096267
content-length: 67166
content-type: image/webp
cache-control: private, no-transform, max-age=29450357
expires: Mon, 14 Apr 2025 12:54:08 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545641,c=g,n=SE_AB_STOCKHOLM,o=20940],[c=p,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1o.0.545cda17.1715184891.79a3129%%h1
cachestatus: origin
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_visa.0adea522bb26bd90821a8fade4911913.svg | 23.218.92.88 | 200 OK | 502 B |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_visa.0adea522bb26bd90821a8fade4911913.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 0adea522bb26bd90821a8fade4911913 8441304083784c58a198cdb5d9c20895ae71a88f 9356128a4fdd7f7021f5b46ccc0f1e8158fc5a3cfb42833dd9c0236834efc27b
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_visa.0adea522bb26bd90821a8fade4911913.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "0adea522bb26bd90821a8fade4911913"
last-modified: Sat, 24 Feb 2024 19:44:49 GMT
server: Akamai Resource Optimizer
x-amz-id-2: 7D8FFWxw/x4ajj+UJRsHyeDkRxiKjy1mhkinkUlL8Kpoy3yVT4wcCuridEQNH1LTDixPz4MCeZk=
x-amz-replication-status: COMPLETED
x-amz-request-id: 874BV972CGXGP8VM
x-amz-server-side-encryption: AES256
x-amz-version-id: gmdOsaGW040LZuPPHdvJDKfn3UpQ_TeS
content-length: 502
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545650,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3132%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_sofort.09a6b8666f72c0532ef1e01b516e1ac5.svg | 23.218.92.88 | 200 OK | 1.0 kB |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_sofort.09a6b8666f72c0532ef1e01b516e1ac5.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 09a6b8666f72c0532ef1e01b516e1ac5 a2955004e980396c943c4a044fe28694734e6f03 f988880377b617ef4b8242c8a9ac0b4ba81b6a3f46f5a366fb05dd9947362334
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_sofort.09a6b8666f72c0532ef1e01b516e1ac5.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "09a6b8666f72c0532ef1e01b516e1ac5"
last-modified: Sun, 28 Apr 2024 09:51:13 GMT
server: Akamai Resource Optimizer
x-amz-id-2: Q0t1Bj9eJ6DvX6qMfJp2SAayxk2HNG5YmN0Gexjas4DCzgw/ikaZkbW9Q1pHomy+goKxidMY8Y8=
x-amz-replication-status: COMPLETED
x-amz-request-id: P3V5VV4FX4VFN0BG
x-amz-server-side-encryption: AES256
x-amz-version-id: dA29wHwdQTdb5.NovUhDvS2Ta.Q9.vua
content-length: 1020
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=200.110.126.62,b=1595249714,c=g,n=EC__QUITO,o=27814], [a=23.218.92.84,b=127545651,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3133%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET, cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_mastercard.f18379cf1f27d22abd9e9cf44085d149.svg | 23.218.92.88 | 200 OK | 303 B |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_mastercard.f18379cf1f27d22abd9e9cf44085d149.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: f18379cf1f27d22abd9e9cf44085d149 70330d85f1483dd4f0e23e55668a5ab6ef84c61a 910bfc606b7c82369fd37783518c86b3d909d0064479411385783f83f21363ef
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_mastercard.f18379cf1f27d22abd9e9cf44085d149.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "f18379cf1f27d22abd9e9cf44085d149"
last-modified: Thu, 04 Apr 2024 04:13:37 GMT
server: Akamai Resource Optimizer
x-amz-id-2: /ivOQEAPlLxy6ABqMqqC3InKUzTz1djHXQ/gdr/uNBxf7hAvV0+5eP45t4lE4WLig9FN+ejaMlM=
x-amz-replication-status: COMPLETED
x-amz-request-id: QPRYZEFTCYWA4V0W
x-amz-server-side-encryption: AES256
x-amz-version-id: HO.JVhBPmB4DCNod104cLkb.GoIRcZ1M
content-length: 303
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545652,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3134%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_amex.84088b520ca1b3384cb71398095627da.svg | 23.218.92.88 | 200 OK | 448 B |
URL: GET HTTP/2 a0.muscache.com/airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_amex.84088b520ca1b3384cb71398095627da.svg
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash: 84088b520ca1b3384cb71398095627da 01d3270dce9b28e83661b2174bb5206ef5bfc539 8dfbae0dacd10d301e21a35cda20b66fd32f1ffe176842fcb28590512d756503
GET /airbnb/static/packages/assets/frontend/legacy-shared/svgs/payments/logo_amex.84088b520ca1b3384cb71398095627da.svg HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: br
etag: "84088b520ca1b3384cb71398095627da"
last-modified: Fri, 19 Apr 2024 20:03:45 GMT
server: Akamai Resource Optimizer
x-amz-id-2: DVpXZw36otP7OdhIFjGNqkdYqEAk9wzS66DS3m2ZoC4ipYxTgWfGvV7h+KNHx8yCqnk0TbL6Hr2vDfQ3eFXNRQ==
x-amz-replication-status: COMPLETED
x-amz-request-id: SM965EJ15JE4FSEY
x-amz-server-side-encryption: AES256
x-amz-version-id: 3kwljs_GONc7PIf1kREn_B2BVJL1KX15
content-length: 448
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:51 GMT
date: Wed, 08 May 2024 16:14:51 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.38.113.86,b=693165756,c=g,n=US_MA_BOSTON,o=20940], [a=23.218.92.84,b=127545653,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184891.79a3135%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=UNSET, cdn-cache; desc=HIT, edge; dur=0, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff, nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/tracking.js | 23.36.79.16 | 200 OK | 27 kB |
URL: GET HTTP/2 cdn.livechatinc.com/tracking.js
IP: 23.36.79.16:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: livechat.com
Certificate fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E
Certificate validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash: 227c5f0e783b70d7054594d0e8bb0c62 640265975955d84c52df87a31abd1c544eb5d950 686c8d20285c1b2c87eeb37f7b477b7a1ed2609305528cd4bc852a5585b0292b
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 11:34:21 GMT
etag: W/"227c5f0e783b70d7054594d0e8bb0c62"
x-amz-server-side-encryption: AES256
x-amz-version-id: IPs8y.irYFc.V2rVe5x1_a4NPDBB4Sfb
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: _-2DOE10M9s6qs-jVWanWCiO70R7n1iML_e3g3VxZIBxGmWOi2PU2w==
content-length: 27429
cache-control: max-age=28800
expires: Thu, 09 May 2024 00:14:52 GMT
date: Wed, 08 May 2024 16:14:52 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/fonts/e849748a22ab45f0052876d59d0b3300.woff2 | 172.67.179.248 | 404 Not Found | 162 B |
URL: GET HTTP/3 static.kozlznmfjuai344.xyz/fonts/e849748a22ab45f0052876d59d0b3300.woff2
IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: Let's Encrypt
Certificate subject: kozlznmfjuai344.xyz
Certificate fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6
Certificate validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 1b7c22a214949975556626d7217e9a39 d01c97e2944166ed23e47e4a62ff471ab8fa031f 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/e849748a22ab45f0052876d59d0b3300.woff2 HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWtrYfXxo%2BIYnhnPeeyUVLYkoIezJYomzMGJ5BG24ZvID9M0m2afpxbn36flhnIP9CJQrqydEpizCD73Tw22SQj2dF%2F99ujzr9GB%2FEVx0LgmQYu0DMvYSzQV6YRn8HxjDU2yjSf%2BHJLRlfqm%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abeca182db523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/fonts/6e81c07f6ec6eb6250e1a7c8d952c823.woff | 172.67.179.248 | 404 Not Found | 665 B |
URL: GET HTTP/3 static.kozlznmfjuai344.xyz/fonts/6e81c07f6ec6eb6250e1a7c8d952c823.woff
IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: Let's Encrypt
Certificate subject: kozlznmfjuai344.xyz
Certificate fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6
Certificate validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hash: 3f3801be251565e48cb6251ff1fcaea1 c2fb1c3c86e012c53a997c29c8036e8df805ee10 0ab1daf32ea6f369e62026c935320400d5910d95445fd1503291ee794ea2240b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/6e81c07f6ec6eb6250e1a7c8d952c823.woff HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBfvrByrrqqjWpRsdIo2qTl5wnYxdX5zjzx%2FRXbkPCOkWyVmdpLsuPW5spFTQUIR76dpbQN8h95AewHqrJA3iDvwn7aftiZIx%2BHlJwRm0S%2Fn8pye%2F3DS8h6sH4rhnbReKYSVxAHlufS0PZ6BFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abecac84b56c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.kozlznmfjuai344.xyz/fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2 | 172.67.179.248 | 404 Not Found | 5.0 kB |
URL: GET HTTP/2 static.kozlznmfjuai344.xyz/fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2
IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: Let's Encrypt
Certificate subject: kozlznmfjuai344.xyz
Certificate fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6
Certificate validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hash: 150d9906084a91dd87ccce89e242b945 e0e4a71d95dd6e58ec6468ce13246b00f826eb52 8621abfd430f7984e584961ea00804f2512a5716dd1aeb405abd7f2626cb2030
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2 HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V40c2%2BDfZ2zjI9DZ4ZBxI7ree9GlkKWV6anFtbjoeW48fCcu0MWoojz%2FVg1cT4HufkdWU%2F3iU8lgCUcyJ5ql9n5td3hka61MKo9PygnMRspHMclPAg03uwlROZ2%2F1v8PTrURifV8bqww4nko2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abeca182bb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a0.muscache.com/airbnb/static/airbnb-o2//fonts/Circular_Air-Book-030dcebde359eb3be354ab21c34a89ce.woff | 23.218.92.88 | 200 OK | 84 kB |
URL: GET HTTP/3 a0.muscache.com/airbnb/static/airbnb-o2//fonts/Circular_Air-Book-030dcebde359eb3be354ab21c34a89ce.woff
IP: 23.218.92.88:443
ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: DigiCert Inc
Certificate subject: www.airbnb.com
Certificate fingerprint: 48:D1:DB:6F:99:BB:65:38:E3:0B:4D:23:B9:FA:AC:77:20:7A:75:9F
Certificate validity: Wed, 13 Mar 2024 00:00:00 GMT - Wed, 12 Mar 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 83840, version 0.0
Hash: e2ff0456e84ba1e39f958984940a063a 9098569f70c9e1f8f16c6c9c6b5f9f52a539b5e2 5281c9b9b553997bce05ab1b7ed128583cbf97c8dea8e6bf0711eae3d2bcc17c
GET /airbnb/static/airbnb-o2//fonts/Circular_Air-Book-030dcebde359eb3be354ab21c34a89ce.woff HTTP/1.1
Host: a0.muscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
x-amz-id-2: KDJqSE2aV2iPoZW9E65uagivGwncl/fKof9HXH1taEUIAN+XSKua2ZRgttZ8r2axqkPYMxa7++4cY3bvECjdHjIZs6PRaWJa
x-amz-request-id: W560YKBQA1SQ67J1
access-control-max-age: 0
x-amz-replication-status: COMPLETED
last-modified: Wed, 10 Apr 2024 09:53:06 GMT
etag: "e2ff0456e84ba1e39f958984940a063a"
x-amz-server-side-encryption: AES256
x-amz-version-id: O4JlaVTiK7.1n_xG_StdNdl3Ym1XV7g.
accept-ranges: bytes
content-type: binary/octet-stream
server: AmazonS3
content-length: 83840
cache-control: public, max-age=31536000
expires: Thu, 08 May 2025 16:14:52 GMT
date: Wed, 08 May 2024 16:14:52 GMT
quic-version: 0x00000001
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=23.218.92.84,b=127545971,c=g,n=SE_AB_STOCKHOLM,o=20940]
x-airbnb-sureride: c1a1c.0.545cda17.1715184892.79a3273%%h1
cachestatus: cache
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=UNSET
strict-transport-security: max-age=10886400; includeSubDomains
x-content-type-options: nosniff
accept-ch-lifetime: 2592000
accept-ch: device-memory, ect
access-control-allow-methods: GET
access-control-allow-origin: *
timing-allow-origin: *
|
|
| static.kozlznmfjuai344.xyz/fonts/e849748a22ab45f0052876d59d0b3300.woff2 | 172.67.179.248 | 404 Not Found | 520 B |
URL: GET HTTP/3 static.kozlznmfjuai344.xyz/fonts/e849748a22ab45f0052876d59d0b3300.woff2; IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: Let's Encrypt; Subject: kozlznmfjuai344.xyz; Fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6; Validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File type: HTML document, ASCII text, with very long lines (358), with CRLF line terminators; Hash: 88be7551a8fda516002f92f37600fe63 a58711e29d4a9558d0924c1c3aa54be4e1bcccf9 a44d14a0c3235f33e328ddf73af209e3419170721398df7688ab409247b23495
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /fonts/e849748a22ab45f0052876d59d0b3300.woff2 HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVwnWLpUX4yXE2Xj6nFsZLkJ7gKIFdZaHnnTzJV6WODNimnxTxzrDYT0i8eiG2sKLvtsFBfUq%2BsXpFIgMTgr7LUP%2Bq6uGjQa7ND7vg6klLJuHt4z%2FjRcbkiA1pqdgKySbTMmQ3tYYJty5XcLNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abecbd9fb56c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/images/android-icon-192x192-c0465f9f0380893768972a31a614b670.png | 172.67.179.248 | 200 OK | 7.4 kB |
URL: GET HTTP/3 static.kozlznmfjuai344.xyz/services/airbnb/images/android-icon-192x192-c0465f9f0380893768972a31a614b670.png; IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: Let's Encrypt; Subject: kozlznmfjuai344.xyz; Fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6; Validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File type: PNG image data, 192 x 192, 8-bit colormap, non-interlaced; Hash: 31ed5c4060dc0321ccfe3aa76e120a37 2a565e85f52a271bd599359b1a610faaaa81f509 c88f6b661daca0190f2cd09d23cd304aaf50960c7687f7698a19189a8b28d9c9
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /services/airbnb/images/android-icon-192x192-c0465f9f0380893768972a31a614b670.png HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:14:53 GMT
content-type: image/png
content-length: 7384
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: "6628ff7e-1cd8"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WV0kayLQSvqUtcW8BrX5t4QqQFwjH%2FvMahSVdaQAR75xANCWBDYbQx%2Fa%2BOupYUwMh5CFOPbzFFwBwGmNJ9qI0KwzX2H6BcAh0%2BWtiNkODqE42UtaEcB0oPKdu9p592kRYoBV4FjEbyF2E1cxWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abece1f3f5696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=d1dc8380-18ec-4245-8152-583264d919d2&version=22.0.1.3.11.11.1.1.1.1.1.2.3&group_id=0&jsonp=__lc_static_config | 23.36.79.16 | 200 OK | 1.4 kB |
URL: GET HTTP/2 api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=d1dc8380-18ec-4245-8152-583264d919d2&version=22.0.1.3.11.11.1.1.1.1.1.2.3&group_id=0&jsonp=__lc_static_config; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (4427), with no line terminators; Hash: 6f88938aa68448073186670bcf50fe51 31b0c12daad083d6e0253fb6da931778c8501588 e3a4da8b361f9b4215d69b87bbb8b4fb6bd468ef253c43919ac6d5675ee68708
GET /v3.4/customer/action/get_configuration?organization_id=d1dc8380-18ec-4245-8152-583264d919d2&version=22.0.1.3.11.11.1.1.1.1.1.2.3&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
content-length: 1434
cache-control: public, max-age=600
expires: Wed, 08 May 2024 16:24:53 GMT
date: Wed, 08 May 2024 16:14:53 GMT
X-Firefox-Spdy: h2
|
|
| api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=d1dc8380-18ec-4245-8152-583264d919d2&version=384c496c023913b78d3837c106ac447e_81dde7d5af409241cb24ddc3535b2a02&language=en&group_id=0&jsonp=__lc_localization | 23.36.79.16 | 200 OK | 3.9 kB |
URL: GET HTTP/2 api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=d1dc8380-18ec-4245-8152-583264d919d2&version=384c496c023913b78d3837c106ac447e_81dde7d5af409241cb24ddc3535b2a02&language=en&group_id=0&jsonp=__lc_localization; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (10969), with no line terminators; Hash: 98fa623eaa3c199f1d9f714dfb969789 768f47dada9981055d31f2341de263b260f1c460 3cfedf1cd0a3f5a4cdb3ca7ec261db56fe47ab6e56d4495bb28e331d912f93c9
GET /v3.4/customer/action/get_localization?organization_id=d1dc8380-18ec-4245-8152-583264d919d2&version=384c496c023913b78d3837c106ac447e_81dde7d5af409241cb24ddc3535b2a02&language=en&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Wed, 08 May 2024 16:24:53 GMT
date: Wed, 08 May 2024 16:14:53 GMT
content-length: 3851
X-Firefox-Spdy: h2
|
|
| secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0 | 23.36.79.16 | 200 OK | 2.6 kB |
URL: GET HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (8894), with no line terminators; Hash: ede8878289a56593389ae1036c68f2d3 1e41594fa97f7ba7c28139821a0e1d04f9bf886a 8fa5e668a45be6d54327965a4ec78fe548f1577e73cff490d36618a34c950c95
GET /customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Wed, 08 May 2024 16:14:53 GMT
content-length: 2601
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/widget/static/js/0.c662232b.chunk.js | 23.36.79.16 | 200 OK | 66 kB |
URL: GET HTTP/2 cdn.livechatinc.com/widget/static/js/0.c662232b.chunk.js; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65462); Hash: ac1b9724f6e6781a506d9c1680a44b84 3edeb0fa635d4cbb4a855647c733a75cf9985d78 0723231b5ea38a06f08f621162e51cc56bc53b08e626087d7260127f808ea928
GET /widget/static/js/0.c662232b.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2024 13:11:22 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 7kC.itQ.Ypj0BYDgcp9jBDxxhaTS9ku.
server: AmazonS3
content-encoding: br
etag: W/"ac1b9724f6e6781a506d9c1680a44b84"
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: V_bc3EUgIRuvEgDS_h4fUL28rHZGC3SYP13FpxT3rtBJjBIqUpr5TA==
content-length: 66444
cache-control: max-age=31536000
expires: Thu, 08 May 2025 16:14:53 GMT
date: Wed, 08 May 2024 16:14:53 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/fonts/aa2d47eb2546474277f786c491deb100.woff2 | 172.67.179.248 | 404 Not Found | 98 kB |
URL: GET HTTP/3 static.kozlznmfjuai344.xyz/fonts/aa2d47eb2546474277f786c491deb100.woff2; IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: Let's Encrypt; Subject: kozlznmfjuai344.xyz; Fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6; Validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hash: 64ac4f0531851d9a4987c9498ab3c763 642a505d7ec2c05fbf4a9c50c78634ccd05dbe6b 61285ee67994c7925b5404a5bde8c93b90525abba0f7c51026476bf18a866b13
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /fonts/aa2d47eb2546474277f786c491deb100.woff2 HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGEigdKGPhWnzdYxuVGUKxemvl1aD91iVAzcmCq35v0ePV68y3tdKCq8TCBhJ%2BTAXh%2F1QhttY8FaFYc%2FkaZLz%2BWmXWfSd5Fi5lJcSk0Uzl%2FWeC9U9h3aZ2rGFdAs984nXMWJZlmXusXkgQNrxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abecc3a7a56c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.kozlznmfjuai344.xyz/fonts/6e81c07f6ec6eb6250e1a7c8d952c823.woff | 172.67.179.248 | 404 Not Found | 156 kB |
URL: GET HTTP/3 static.kozlznmfjuai344.xyz/fonts/6e81c07f6ec6eb6250e1a7c8d952c823.woff; IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: Let's Encrypt; Subject: kozlznmfjuai344.xyz; Fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6; Validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Size: 156 kB (156108 bytes); Hash: 79b8da24515c99453e739c0c0ba3b0ea 1e9cf99f336714f089b51f3c34b3ba8c32e15535 305cbd426ecd0a0bf637aeb0eab5461d5050a05a6dd648362d2e805767b379c5
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /fonts/6e81c07f6ec6eb6250e1a7c8d952c823.woff HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xfvfviMy6O7nhCJaFTlOBota4SaL9k%2BMNmPZPJ3ouP6YS4qU%2BnLsICFxqtCPlaSOYvbkABr3SOLwny%2FG15I%2BryBE1vayuwtgo5RmHbtT0nn9YCK9%2F5BrxukSR5kqYt9qCl33e71Z1tI%2Bz9jo5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abecc3a7c56c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| api.livechatinc.com/v3.5/customer/rtm/ws?organization_id=d1dc8380-18ec-4245-8152-583264d919d2 | 23.36.79.16 | | 0 B |
URL: api.livechatinc.com/v3.5/customer/rtm/ws?organization_id=d1dc8380-18ec-4245-8152-583264d919d2; IP: 23.36.79.16:0; ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.5/customer/rtm/ws?organization_id=d1dc8380-18ec-4245-8152-583264d919d2 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AQy1qrO/ApYGfGE3J0Ua3g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: VZRKaXhS5Myh7VYth8v2X72wcFQ=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
Date: Wed, 08 May 2024 16:14:54 GMT
Upgrade: websocket
Connection: Upgrade
|
|
| accounts.livechatinc.com/v2/customer/token | 23.36.79.16 | 200 OK | 195 B |
URL: POST HTTP/2 accounts.livechatinc.com/v2/customer/token; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash: 1a00825e2a3b74d6d09bd65b2119a8ff 3762ae9f49ea17a568b0304747f185fcc55fb375 38dea44cfa51c6f7b794ba25c60b9f1e2ad18585fd4c6adc52c827f29c76f563
POST /v2/customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 225
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 195
date: Wed, 08 May 2024 16:14:54 GMT
set-cookie: __lc_cid=f1faabd5-7a33-4a98-9f2d-7622c219d578; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 08 May 2026 16:14:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__lc_cst=d69372cc869bcf32a8c44d86ee926bb2bbbec8b9f75312c55e6d179c7379f32eeeb828b27ae20e4569126d3df698b3ec5d7ad9c7740e9b5643ee73f1c7ca; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 08 May 2026 16:14:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__lc_cid=f1faabd5-7a33-4a98-9f2d-7622c219d578; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 08 May 2026 16:14:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__lc_cst=d69372cc869bcf32a8c44d86ee926bb2bbbec8b9f75312c55e6d179c7379f32eeeb828b27ae20e4569126d3df698b3ec5d7ad9c7740e9b5643ee73f1c7ca; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Fri, 08 May 2026 16:14:54 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None; Partitioned
__oauth_redirect_detector=counter=1&t=1715184924&tag=d30d12008c4184994473d724ec93e9062a98a775; Path=/; Expires=Wed, 08 May 2024 16:15:24 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| queue.livechatinc.com/logs | 23.36.79.17 | 429 Too Many Requests | 29 B |
URL: POST HTTP/2 queue.livechatinc.com/logs; IP: 23.36.79.17:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash: 0bac9e72f8cbf7bc58bd7b663d87d6d4 8b1a08bbd7adaf83756a9ba3a9452df13364b5bc 8b83904ef41f335e3e2f9a4f5e40299d5f95c6eb1ed35052bffafdadaccd6dff
POST /logs HTTP/1.1
Host: queue.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1061
Origin: https://secure.livechatinc.com
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
access-control-allow-origin: https://secure.livechatinc.com
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type,Authorization
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 29
etag: W/"1d-ixoIu9etr4N1apujqUUt8TNktbw"
expires: Wed, 08 May 2024 16:14:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 08 May 2024 16:14:55 GMT
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/widget/static/js/3.e0c41e43.chunk.js | 23.36.79.16 | 200 OK | 12 kB |
URL: GET HTTP/2 cdn.livechatinc.com/widget/static/js/3.e0c41e43.chunk.js; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (38182), with no line terminators; Hash: 9c6988c1887745b25cb90feffdb9ded7 a4de955fd10c3027e9f3fe9a0e5c978462aa4080 f83c30b54dab80a3c9e963fb649551358e7a29bfec43f1d36b5f1e6a6fbfdbd6
GET /widget/static/js/3.e0c41e43.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2024 13:11:21 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: u_dnDOXYZKLHl4LuzD9gC1d3KiYQ9tnz
server: AmazonS3
content-encoding: br
etag: W/"9c6988c1887745b25cb90feffdb9ded7"
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: gFYvtsZkS18IJDIbxpjVLu_y7gu7ZnIJFeqsdpkSFa63FD-1uQ8Nuw==
content-length: 11732
cache-control: max-age=31536000
expires: Thu, 08 May 2025 16:14:55 GMT
date: Wed, 08 May 2024 16:14:55 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/common_js/main.js | 172.67.179.248 | 200 OK | 26 kB |
URL: GET HTTP/2 static.kozlznmfjuai344.xyz/common_js/main.js; IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate Issuer: Let's Encrypt; Subject: kozlznmfjuai344.xyz; Fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6; Validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File type: JavaScript source, ASCII text, with very long lines (13050), with no line terminators; Hash: 38ddbeb6c445d959fc9338f53cb6e5b8 0ec3fa72e95f4e8b4da6ce4fd3d9cfc392976831 f0fd7a78c210b74899854eef86e10c6d9a9e079bb2c2904f4b903824883e0eeb
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /common_js/main.js HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 23:39:21 GMT
etag: W/"66205da9-32fa"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=curQLD5ZqK2XyUAMx%2BEhPT7DNgXw46ONISziEQsOGJTeCE%2BixWd8u%2FyRXDYQXJ4siMF2BocimMjrKOhnK%2F%2FDvjCd1VHWqZyniKARpiHmXJb1mH7GjpAaTsqSU5UcjG6Ns2nCjhB0DJ5RMUuJqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec3aa591c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/widget/static/js/main-view.66dfcb66.chunk.js | 23.36.79.16 | 200 OK | 26 kB |
URL: GET HTTP/2 cdn.livechatinc.com/widget/static/js/main-view.66dfcb66.chunk.js; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 83be4779cf30260035eef31b743d142e 39633065651b27db3199228323e9e609b5492efc 7296d39bfba467bf1a80c29708955e3bcb3d6d366c5b26b82c942c122f47d071
GET /widget/static/js/main-view.66dfcb66.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 10:30:40 GMT
etag: W/"83be4779cf30260035eef31b743d142e"
x-amz-server-side-encryption: AES256
x-amz-version-id: kjyMZwQEzuyEkXdjgfIwvturEeSBMYf5
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: -87xmrgdjKVz8Ckev-qPPYfLXqfDC4B6cFKSS07Bww74BAnfPa6lvw==
content-length: 26508
cache-control: max-age=31536000
expires: Thu, 08 May 2025 16:14:55 GMT
date: Wed, 08 May 2024 16:14:55 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.livechat-static.com/api/file/lc/img/default/avatars/394ad6e3df2320941ab8e0ca147d5221.png | 23.36.79.16 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.livechat-static.com/api/file/lc/img/default/avatars/394ad6e3df2320941ab8e0ca147d5221.png; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced; Hash: 81f0e50eda49ac6074ea5f7f9d4712ee c79b53ea105f183c62eaab6e120bb55e84269907 b89ef64972143825627f6ca4c9ed493a55f3be06f91db75a95a1fb20c09c124e
GET /api/file/lc/img/default/avatars/394ad6e3df2320941ab8e0ca147d5221.png HTTP/1.1
Host: cdn.livechat-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 1196
content-type: image/png
cache-control: private, max-age=8619
date: Wed, 08 May 2024 16:14:55 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.livechat-static.com/api/file/lc/img/default/avatars/394ad6e3df2320941ab8e0ca147d5221.png | 23.36.79.16 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.livechat-static.com/api/file/lc/img/default/avatars/394ad6e3df2320941ab8e0ca147d5221.png; IP: 23.36.79.16:443; ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate Issuer: DigiCert Inc; Subject: livechat.com; Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E; Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced; Hash: 81f0e50eda49ac6074ea5f7f9d4712ee c79b53ea105f183c62eaab6e120bb55e84269907 b89ef64972143825627f6ca4c9ed493a55f3be06f91db75a95a1fb20c09c124e
GET /api/file/lc/img/default/avatars/394ad6e3df2320941ab8e0ca147d5221.png HTTP/1.1
Host: cdn.livechat-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 1196
content-type: image/png
cache-control: private, max-age=8619
date: Wed, 08 May 2024 16:14:55 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| air.bnb-id8303.com/payment/187448782 | 188.114.97.1 | 200 OK | 270 kB |
URL: User Request GET HTTP/2 air.bnb-id8303.com/payment/187448782; IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC; Subject: bnb-id8303.com; Fingerprint: 87:71:EF:65:9C:D2:78:B7:E7:1D:0F:A8:03:F0:9A:16:32:4C:4B:B3; Validity: Tue, 07 May 2024 10:32:50 GMT - Mon, 05 Aug 2024 10:32:49 GMT
Size: 270 kB (269869 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish; Verdict: phishing; Alert: Airbnb, Inc.
GET /payment/187448782 HTTP/1.1
Host: air.bnb-id8303.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.4.0-dev
cache-control: no-store
set-cookie: sess_id=SESSGZmAZi7JGnIzfmP6w7AmnQfBpz7XqYzj0ACVCaskc; expires=Thu, 09 May 2024 16:14:50 GMT; Max-Age=86400; path=/
ad_session_id=ADSESSQUpy536h3BE2z0xjvnUs6Hn9FvQYYeuOGzE6UozJ4; path=/payment/187448782
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FN2XmHo8DgI5uLG85Zjqc3wcrBanT0J%2FByCRVn3nHdpHOJ66dUQgtRDyh%2BsUSisWNIT1Cc7IN%2BbBRfvpFIK06GqNKh5y2vfgenLqqTjgU34qfAO1ad9FuMRqA7hzIsFQPYH%2FROw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880abebd8bb8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/css/main.bundle.css | 172.67.179.248 | 200 OK | 358 kB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/css/main.bundle.css IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Size358 kB (358126 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/css/main.bundle.css HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: W/"6628ff7e-576ee"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUG%2F5zrx0P9vY9cosl5yqk36AwDWsIGq3psF0rzZZFX0BaZ0AA3utTnp%2BgPSeiDfv8XS6MqNSis3JivzIJWSQWSv6e5nqydfMy%2BbO3ixa1Mr2n0Q7x%2FHMZOzNRIAfKWs3K6MphvIhWdeoWvAsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec36d14b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/js/jquery.inputmask.min.js | 172.67.179.248 | 200 OK | 117 kB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/js/jquery.inputmask.min.js IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeJavaScript source, ASCII text, with very long lines (65351) Size117 kB (117175 bytes) Hash6000def81536f43eb9c53ac947e60f09 dac5c48155d0f1a12f89d8be7f7414aae12e4a47 8e969d5b71d851085b4b8b4647b908799af562cbf8f738a59ca8b48e27e4c2d7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/js/jquery.inputmask.min.js HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: W/"6628ff7e-1c9b7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9I7pG9vJkXtmqyxrVqwehm%2F8H6MHnmLIPz0ibmZl3ZjTTRLtSlM1phOz6FUTiShOqNN%2FuIgcyssbpGj23p%2FeX8Clei6GLNDW0%2BGM%2BPbsOVPTm5qhRchEu8jNlwuSeHQu6OpsmEtdH1lmlBeIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec37a291c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-4bc8dafd2e0fd8914bf4d5edce9acd24.woff | 172.67.179.248 | 404 Not Found | 162 B |
URL GET HTTP/3static.kozlznmfjuai344.xyz/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-4bc8dafd2e0fd8914bf4d5edce9acd24.woff IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeHTML document, ASCII text, with no line terminators Hash2b838659c6ea3bbc1241837a1b44840b 296c38b80b7304bd14e5b6c934fca1c32d687917 a9ac287e62f49a385bf05052b658eea54ad6811b368db66f58b581a61435c9ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Medium-4bc8dafd2e0fd8914bf4d5edce9acd24.woff HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0HjNIAJ%2F9y8B2aaJWefp4MXWuFue0WvjuYwiQaWfN472jeoZlrRmcMJOVLvI322VzrvbN%2B08VUqRaIxEapZrqa4sPmiwKmu8C98CErsp4wCls8Xl7GXczqRejvYLp9sVKetkrtMsBzom%2FjQSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abecad86556c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.kozlznmfjuai344.xyz/fonts/a4885a20ff025dad159a2f9a06376a3e.woff | 172.67.179.248 | 404 Not Found | 162 B |
URL GET HTTP/3static.kozlznmfjuai344.xyz/fonts/a4885a20ff025dad159a2f9a06376a3e.woff IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeHTML document, ASCII text, with no line terminators Hash2b838659c6ea3bbc1241837a1b44840b 296c38b80b7304bd14e5b6c934fca1c32d687917 a9ac287e62f49a385bf05052b658eea54ad6811b368db66f58b581a61435c9ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /fonts/a4885a20ff025dad159a2f9a06376a3e.woff HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:53 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MHmziQH2P0oERtJJinRQwULekkm%2FnLlCUH9DHxpn3GWlkAweTwz6K0Re63yZCHhgkhhmfBNiCRgDui%2Bb%2BvbtZakMQxh71G2ViQ3XNnpn0C941YwxarJ5SPSxmaRe0TD%2FvPGJBB5sOaL5c7eZ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abecccb3656c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/js/custom.js | 172.67.179.248 | 200 OK | 11 kB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/js/custom.js IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/js/custom.js HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 13:50:39 GMT
etag: W/"66290e2f-2ab5"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zx%2FclfRwQDuui2UNXIwtgnB3Ym61LtoOPWXwZcxY%2Fasy2VlZorKihV9opRA3uUtUOZD9kz1yesOsS1XSFq8LqiBwdKJJPE%2BVqcbGZl0dJJFXhXFa4nDq%2FgE9yWLICnBI4zdTnpKWPPC6EP2taA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec37a241c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| air.bnb-id8303.com/api/init_livechat_chat | 188.114.97.1 | 200 OK | 15 B |
URL POST HTTP/3air.bnb-id8303.com/api/init_livechat_chat IP188.114.97.1:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerGoogle Trust Services LLC Subjectbnb-id8303.com Fingerprint87:71:EF:65:9C:D2:78:B7:E7:1D:0F:A8:03:F0:9A:16:32:4C:4B:B3 ValidityTue, 07 May 2024 10:32:50 GMT - Mon, 05 Aug 2024 10:32:49 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashfd7f7858b7ad0aa0cf27be4e4fa43e4a 494840c0db1960af6cbbdd4d8eac5688a4b90477 13b434467b85b40f712cba7f046feadcae69278d3267323940d06be2132fa4ce
Analyzer | Verdict | Alert | OpenPhish | phishing | Airbnb, Inc. |
POST /api/init_livechat_chat HTTP/1.1
Host: air.bnb-id8303.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://air.bnb-id8303.com/payment/187448782
Content-Type: application/x-www-form-urlencoded
Content-Length: 110
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Cookie: sess_id=SESSGZmAZi7JGnIzfmP6w7AmnQfBpz7XqYzj0ACVCaskc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:14:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.4.0-dev
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WU4sMS58RA6vCzbq7TrXnlNA7O3Yrtk6FW%2Fu%2FOAGXULppLsAhmTjccLbV7jbaCJWE7%2FGlIL5ZG6j8BtCoL2EPz3tj5BOMptoaJufRMFSrBYgPgzVQdeBGORTdPc%2BI2UCPUHBLPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880abed66c0cb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| service10.kozlznmfjuai344.xyz/connect_websocket?ad_session_id=ADSESSQUpy536h3BE2z0xjvnUs6Hn9FvQYYeuOGzE6UozJ4 | 172.67.179.248 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1service10.kozlznmfjuai344.xyz/connect_websocket?ad_session_id=ADSESSQUpy536h3BE2z0xjvnUs6Hn9FvQYYeuOGzE6UozJ4 IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /connect_websocket?ad_session_id=ADSESSQUpy536h3BE2z0xjvnUs6Hn9FvQYYeuOGzE6UozJ4 HTTP/1.1
Host: service10.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://air.bnb-id8303.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 581T31W/XjwIV+UVOYlUUQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 16:14:52 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TT2J9Gr3rDenyKCC9XGf88qTf/U=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYBBHQ%2BJfO4XJhx5zoai9xS6CvG5SWDGkaRiGsyFZVmWX6qCtv4ZpIsa0eXcgWnasvKEe8tRgD%2B8Yt6ebmAAwneuiN4h9C072PbRvpf%2B50w%2BzDY%2BU6MTj3eTF29%2BAOTSczhXE9rKcoOZCmVufdcSbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 880abecb9bbab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/js/service.js | 172.67.179.248 | 200 OK | 1.0 kB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/js/service.js IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeASCII text, with very long lines (1068), with no line terminators Hasha5bbabe9dbebdd690aa095352e2c2086 5db34dc22452125c4079c2b807477caec0ad441a f46df886dbf3fe6857c42ba0214d0b55018ee051d95bc43862184e83a9d016e3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/js/service.js HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 14:01:23 GMT
etag: W/"662910b3-40e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alMshFGrThaS764VT2nlLxV5RASLAKhWDEUBj8Ls2CruDha8OsuVfwEkmfVPul1fqlfJb6woZmph%2BBHDu72%2B82ZinFmiTKzCHqpnOwYuHLeDGcuwlg523ge%2Bh%2BLtakFcwnGbENNnnl4aYVsCcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec3aa4b1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/css/dls-lite_cereal-47d27fa833e062fe3413637eb751001f.css | 172.67.179.248 | 200 OK | 10 kB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/css/dls-lite_cereal-47d27fa833e062fe3413637eb751001f.css IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeASCII text, with very long lines (305) Hashed5332e07ff1fb5063ff2101c027daca a458e8903428834c084f108a471ce0953513bb34 7bf5ec473142c7c304037015c8b0d19f8edc773eeb0844ba826716f2cea60051
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/css/dls-lite_cereal-47d27fa833e062fe3413637eb751001f.css HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: W/"6628ff7e-272e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcnkgTQPlqZDQOr3RljIO5vIHw159BgUJnNT5BtGFBJnpzdZsbfXv2aZrlChbxBf%2FOnidt6lHw1T3zdFKBofLumW0LpqcL0rHfUdD%2FH9pVrteZtkCD44kF4vkx3nsd0s86j6uXhj%2ByrSLNizBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec39d6db523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff | 172.67.179.248 | 404 Not Found | 162 B |
URL GET HTTP/3static.kozlznmfjuai344.xyz/airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeHTML document, ASCII text, with no line terminators Hash2b838659c6ea3bbc1241837a1b44840b 296c38b80b7304bd14e5b6c934fca1c32d687917 a9ac287e62f49a385bf05052b658eea54ad6811b368db66f58b581a61435c9ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /airbnb/static/airbnb-dls-web/build/fonts/Airbnb_Cereal-Book-aa38e86e3f98554f9f7053d7b713b4db.woff HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BdM1%2F9OCV9wRXV0gSmbrcfIee1PUTVKo4HNCsM0XHPGmaG4dHL1%2BZBSQXvjHq23Os1JeOVBvwfqpLMfv0Fh5Sjh6CVLl3Ws8sjt02%2FsaeGltAQLR5teEkhxCWblqnl0njQ2VsFbvJ8de20OBxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abeca6fcf56c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| api.livechatinc.com/v3.5/customer/rtm/ws?organization_id=d1dc8380-18ec-4245-8152-583264d919d2 | 23.36.79.16 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1api.livechatinc.com/v3.5/customer/rtm/ws?organization_id=d1dc8380-18ec-4245-8152-583264d919d2 IP23.36.79.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0 CertificateIssuerDigiCert Inc Subjectlivechat.com FingerprintAD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.5/customer/rtm/ws?organization_id=d1dc8380-18ec-4245-8152-583264d919d2 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AQy1qrO/ApYGfGE3J0Ua3g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: VZRKaXhS5Myh7VYth8v2X72wcFQ=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
Date: Wed, 08 May 2024 16:14:54 GMT
Upgrade: websocket
Connection: Upgrade
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/css/client.71144425bb.css | 172.67.179.248 | 200 OK | 1.6 MB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/css/client.71144425bb.css IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Size1.6 MB (1588728 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/css/client.71144425bb.css HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: W/"6628ff7e-183df8"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aseNiQtCFJIWLQaF3LxjYEtvJB8nuOUrb0Js6sipl89%2Fpt0J2UKq1bzlMTdUGa6GTq37JQP%2FlCkFwvty4k4zJYh5YqEYlV0De%2BJtzcnE0ThLbmj4sz2%2FTw6mJ8Z4bS0yHJzhENpO4OTGDaesRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec36d10b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17788611&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fair.bnb-id8303.com%2Fpayment%2F187448782&channel_type=code&jsonp=__f8938rlu0ih | 23.36.79.16 | 200 OK | 358 B |
URL GET HTTP/2api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=17788611&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fair.bnb-id8303.com%2Fpayment%2F187448782&channel_type=code&jsonp=__f8938rlu0ih IP23.36.79.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerDigiCert Inc Subjectlivechat.com FingerprintAD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File typeASCII text, with very long lines (388), with no line terminators Hash66b31a01c4f80f0444a63197bc480d07 7ab071ceab7df15a195750b2b14bcb3526f36aea 709725b9f4059a29a0580197cfa338e9db1370a159dbd6d44bb97f443327fb96
GET /v3.6/customer/action/get_dynamic_configuration?license_id=17788611&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fair.bnb-id8303.com%2Fpayment%2F187448782&channel_type=code&jsonp=__f8938rlu0ih HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-security-policy: frame-ancestors https://air.bnb-id8303.com/;
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-frame-options: allow-from https://air.bnb-id8303.com/
content-length: 358
date: Wed, 08 May 2024 16:14:53 GMT
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/css/custom.css | 172.67.179.248 | 200 OK | 23 kB |
URL GET HTTP/2static.kozlznmfjuai344.xyz/services/airbnb/css/custom.css IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hash35953b6daa9b9d2da43b94795d67d675 fdb73ae67611ac3eefcaebf2f9cb1a6842b5e725 767b16ab6b23f8e6f389cb3010c0ad49836d8322cd01b4251e42f3f5a6687a3b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/css/custom.css HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: text/css
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: W/"6628ff7e-5aba"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2rDoTteH2sWaE1c7X48N6QEUhItyLcUy7un1Zz63DLkfyFsgV%2BGh89otYKcczyrPd7iOCBNHr3bRUpfzlNjjyk4WO0XI9ozNMOO0UDA1BjhAVUr4lv%2Br0J7AnmFffyiUagW1vPYo%2FaHpYplVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec3ad7ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 | 172.67.179.248 | 404 Not Found | 162 B |
URL GET HTTP/2static.kozlznmfjuai344.xyz/fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 IP172.67.179.248:443
Requested byhttps://air.bnb-id8303.com/payment/187448782 CertificateIssuerLet's Encrypt Subjectkozlznmfjuai344.xyz Fingerprint96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6 ValiditySun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File typeHTML document, ASCII text, with no line terminators Hash2b838659c6ea3bbc1241837a1b44840b 296c38b80b7304bd14e5b6c934fca1c32d687917 a9ac287e62f49a385bf05052b658eea54ad6811b368db66f58b581a61435c9ff
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /fonts/Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://air.bnb-id8303.com
DNT: 1
Connection: keep-alive
Referer: https://static.kozlznmfjuai344.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 08 May 2024 16:14:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSuFU0v2r7SC%2Fk520YtHYbs7TlBalmBc7RKPssygkjGCCVp8kRKN4jt0WcH%2F0K%2BN9X%2FUj%2FMT12pC%2BK1D86SNkaw459fEEPUAf7eY5EWUvHU6VfF6%2B5nb8n3F0GjGSQbQrMe74ECprFH1lOa%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abeca1829b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/widget/static/js/1.6a1e7e16.chunk.js | 23.36.79.16 | 200 OK | 348 kB |
URL GET HTTP/2cdn.livechatinc.com/widget/static/js/1.6a1e7e16.chunk.js IP23.36.79.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0 CertificateIssuerDigiCert Inc Subjectlivechat.com FingerprintAD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65462) Size348 kB (348530 bytes) Hashaf6b36995dc6b1a47e699eaf57ba5932 0f00363ee2af972df58ce59a21418af045edcd82 07e8a79ad327e2e13e59bc85ff0def00fb8390153a098eea8d4df64f36ccfc64
GET /widget/static/js/1.6a1e7e16.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 11:34:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fxsX4gylAlHlUQOK9YXTTLZoB0rvbNNH
server: AmazonS3
content-encoding: br
etag: W/"af6b36995dc6b1a47e699eaf57ba5932"
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: 1-nxZE01uZd0dHUyhly8Sfh1nTAahNICfJs3QbPs0o6H5KA6FP5UQQ==
content-length: 98023
cache-control: max-age=31536000
expires: Thu, 08 May 2025 16:14:53 GMT
date: Wed, 08 May 2024 16:14:53 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/widget/static/js/2.a94a34fb.chunk.js | 23.36.79.16 | 200 OK | 76 kB |
URL GET HTTP/2cdn.livechatinc.com/widget/static/js/2.a94a34fb.chunk.js IP23.36.79.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0 CertificateIssuerDigiCert Inc Subjectlivechat.com FingerprintAD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E ValidityWed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash7ddc35cb91e2da7fd6b78378b38a3aa1 2c31af24723a0d47fc244fd6a02e168a3419c16a b86009acb6e9ee49ebc2aac50a482b511a544943fddcfa34c594f964cd90b19a
GET /widget/static/js/2.a94a34fb.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2024 13:11:21 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: GjdfvFrxyqT5jx4fRU4me003zS1EPipV
server: AmazonS3
content-encoding: br
etag: W/"7ddc35cb91e2da7fd6b78378b38a3aa1"
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: QtVsI8WsoK4oP0fZsZ_xgdaSa6GXnekYbIz6tZ4zjS45edJo-i0lBQ==
content-length: 22325
cache-control: max-age=31536000
expires: Thu, 08 May 2025 16:14:55 GMT
date: Wed, 08 May 2024 16:14:55 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/common_js/common_functions.js | 172.67.179.248 | 200 OK | 4.6 kB |
URL: GET HTTP/2 static.kozlznmfjuai344.xyz/common_js/common_functions.js
IP: 172.67.179.248:443
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: Let's Encrypt
Certificate subject: kozlznmfjuai344.xyz
Certificate fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6
Certificate validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
File type: JavaScript source, ASCII text, with very long lines (4714), with no line terminators
Hash: 71ed94205623b72423b85a652783b8e9 05484558986e8807fc834a6af2a26872ed6ad7ce 5f521f8c541e01f92b805aa6dbf12ae8b2d29d593d0755e873c78a1f944e744b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /common_js/common_functions.js HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:14:51 GMT
content-type: application/javascript
last-modified: Fri, 27 Oct 2023 15:45:51 GMT
etag: W/"653bdb2f-11dd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FMPbFgoy5FUFzb9o2PTyXYSaoR%2FYmgV%2Ff%2B3rCUytQo6Da5V90Mqn4JXPvJP%2FA5qS8aZWemD9Mh2K0%2BX%2BE0sfte8q3vzv83h%2FPsknO57jyIF2ZBc3355Yqjjp8pGy9g19D4x9nG3xDpT5y0kmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abec3aa4e1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/widget/static/js/iframe.7d5b107f.chunk.js | 23.36.79.16 | 200 OK | 578 kB |
URL: GET HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.7d5b107f.chunk.js
IP: 23.36.79.16:443
ASN: #20940 Akamai International B.V.
Requested by: https://secure.livechatinc.com/customer/action/open_chat?license_id=17788611&group=0&embedded=1&widget_version=3&unique_groups=0
Certificate issuer: DigiCert Inc
Certificate subject: livechat.com
Certificate fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E
Certificate validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 578 kB (578414 bytes)
Hash: 3ed89ff3e7f272d00fffc457a35f6f4a 10ee4c5a2623d9a46155dca08e538254a37406f1 9a57d426e55bfff07aba4ddd9262cf9005db9bd1c55bb20e61bb04b21107bcc6
GET /widget/static/js/iframe.7d5b107f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Tue, 07 May 2024 11:34:24 GMT
etag: W/"3ed89ff3e7f272d00fffc457a35f6f4a"
x-amz-server-side-encryption: AES256
x-amz-version-id: gX0nyP3kArTNbnRinnu6DF8kCKPsaTdo
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: vEspGE3loWt9zE1C76gd9ChOOwF2liGavl4068h8D5jooIJU5r5vWg==
content-length: 154633
cache-control: max-age=31536000
expires: Thu, 08 May 2025 16:14:53 GMT
date: Wed, 08 May 2024 16:14:53 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| static.kozlznmfjuai344.xyz/services/airbnb/images/logotype_favicon-21cc8e6c6a2cca43f061d2dcabdf6e58.ico | 0.0.0.0 | | 0 B |
URL: GET static.kozlznmfjuai344.xyz/services/airbnb/images/logotype_favicon-21cc8e6c6a2cca43f061d2dcabdf6e58.ico
IP: 0.0.0.0:0
Requested by: https://air.bnb-id8303.com/payment/187448782
Certificate issuer: Let's Encrypt
Certificate subject: kozlznmfjuai344.xyz
Certificate fingerprint: 96:2E:E0:CE:3C:B3:5A:3F:96:90:A5:3C:6F:70:B1:42:A8:D2:50:F6
Certificate validity: Sun, 21 Apr 2024 05:47:28 GMT - Sat, 20 Jul 2024 05:47:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /services/airbnb/images/logotype_favicon-21cc8e6c6a2cca43f061d2dcabdf6e58.ico HTTP/1.1
Host: static.kozlznmfjuai344.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://air.bnb-id8303.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 16:14:53 GMT
content-type: image/x-icon
last-modified: Wed, 24 Apr 2024 12:47:58 GMT
etag: W/"6628ff7e-10be"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSo1BFQEApyXasJp1130PC9reqpS7lOxF8hesL%2FRY0eGoGRTCVmF6mEPaYxVUSeMJH0HA%2F12NSti7L74R6TxVBpBwA81MzXSQe7GDXIhH1AlPHpYBlRNuQccXyd4dyTjtIiRaq6uel5C7Wa8IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880abece1f425696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|