| auth-airbnb.com/api/socket/?EIO=4&transport=websocket&sid=TEwHkBeoIHPFL1CrABt9 |  172.67.185.203 | | 34 B |
URL auth-airbnb.com/api/socket/?EIO=4&transport=websocket&sid=TEwHkBeoIHPFL1CrABt9 IP172.67.185.203:0
Hash476b7c8b2887034ee16ecc014edb8713 4d57b9da42e9085bbfe11f4cf4dcfd19eef745a8 6d1af412da7343deb6344ad9e3423335f8f56a6e2a534a16828ff02e5dad4870
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /api/socket/?EIO=4&transport=websocket&sid=TEwHkBeoIHPFL1CrABt9 HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://auth-airbnb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nk5qNpFnwQg/kurvnmnNvQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 400 Bad Request
Date: Tue, 07 May 2024 17:14:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Brd5KPNVyRlTUiWPhdSIbimOA%2FCtnHmwbYAiSG7xxnSzobY%2FTvsisxo3H7tEEEBcNu99J%2FIzUAaoTIw2ztna%2BuReJzn7wOoxuWC1uM2HM%2FnaHwywEN2pXWjA528mPR4Xtoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8802d84f6d5956c1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| auth-airbnb.com/bnb_logo.ico | 172.67.185.203 | 200 OK | 1.8 kB |
URL GET HTTP/3auth-airbnb.com/bnb_logo.ico IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash33517106fc325ce3c5507bbf8830ec0f 334e86dd53ee26f65165a283358733f753b14d59 9ba669d9ce07a2d4689edadaf5178a3296442567f4006e8e0e7de94b845c4a81
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /bnb_logo.ico HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:14:11 GMT
content-type: image/x-icon
access-control-allow-origin: *
last-modified: Tue, 07 May 2024 14:56:03 GMT
etag: W/"4286-1715093763954"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5706
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaOalWiD6eNHo0PCSocwfndgz5W5%2FArFbAxno05ZNSwDfFFfPtAA0cdJLYp2XsL%2FfvB2vXHd092n%2FMXW2rzTboKbxvjIVKZg2V3P61V%2FDFETKkh8EqeLjaU%2FNVL7Ij45N9c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802d84ee98d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36rB&sid=TEwHkBeoIHPFL1CrABt9 | 172.67.185.203 | 200 OK | 509 B |
URL POST HTTP/3auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36rB&sid=TEwHkBeoIHPFL1CrABt9 IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
POST /api/socket/?EIO=4&transport=polling&t=OzK36rB&sid=TEwHkBeoIHPFL1CrABt9 HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain;charset=UTF-8
Content-Length: 2
Origin: https://auth-airbnb.com
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 17:14:11 GMT
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHWCUkbOYbPRca%2BMfoijWML%2FPU1OSw2%2BwVblicOqDb4CJb7p5dOZtnal5bcfd8LMTiBckLA07Ni%2B2yb33MDuQS5V7ED%2F60AFUO6KdzwVpCf4O7xL8A7Q6kjNt0gfatM7aJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802d84ee9a356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=jEg_Zha9fzVbLHZQ4mYSczacEQw_8LPsGlT4-U358jmGm0oBqVf__qXBqBiXPliuVCg1pju0nwkUvjLwevhSPHejxnyd4cAJl9ggmSB1vQHXgVipi_Jp7kQrSXRchKVc
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 07 May 2024 17:13:49 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 40
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| | 172.67.185.203 | 200 OK | 506 B |
URL User Request GET HTTP/2IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
File typeHTML document, ASCII text, with very long lines (553), with no line terminators Hashfc7dbd30495eddb147ff9d67bd4c337a c90ea33259cb79a8584f93852738b7f573319913 ab26bca164afbbdf5ab79518d65377d315e79c092cbcaa0b8c67bff0e255afa6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET / HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 17:14:10 GMT
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZ1RFAaoaALuoknpnDr5hkaVCnAOmz8AC82lOwkrbhBN6hxRd25ABJVshss21myihNPxyv4u3hvSKGkL5zlJldRAUkSQ7rJ1jPDMju2JgNHwP3z13D8qJ%2FjpwLcWPUugUN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802d849fe9fb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| auth-airbnb.com/assets/index-C2M-ulTr.css | 172.67.185.203 | 200 OK | 51 kB |
URL GET HTTP/3auth-airbnb.com/assets/index-C2M-ulTr.css IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
File typeASCII text, with very long lines (50584) Hash306d08239c7def72c6e1db0decd8d80b f03d9d8fd25a7d8101855a52de4f47cec2435f06 8e51df194e567d18c1b156f13c13fa39b8204145f20e850128f54e6f3877803f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /assets/index-C2M-ulTr.css HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:14:11 GMT
content-type: text/css
access-control-allow-origin: *
last-modified: Tue, 07 May 2024 14:56:04 GMT
etag: W/"50585-1715093764458"
cache-control: max-age=14400
cf-cache-status: HIT
age: 714
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2FphKslsK6A0boEJsQovvSrQqXdbNNAamyRUkr3zlrF%2F25rdMMEODAYsnFS81PCrN8f0EnXRPSQcG0A1GNmzWDkBWudOnX2m%2BRTGj%2FcYWHeQc4OUWYx3kmpgeOPyCrqjIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802d84cac2f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36rE&sid=TEwHkBeoIHPFL1CrABt9 | 172.67.185.203 | 200 OK | 32 B |
URL GET HTTP/3auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36rE&sid=TEwHkBeoIHPFL1CrABt9 IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
File typeASCII text, with no line terminators Hashcfe3255709b7c84c67475fab494155e7 7231bf5474e2a6e844db6539457ed2136fac78e2 2eeafa5f45df715e47534cf232d4828d7792d2600b5e4c8086310fd3068bc5d4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /api/socket/?EIO=4&transport=polling&t=OzK36rE&sid=TEwHkBeoIHPFL1CrABt9 HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:14:11 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eH0kHp2Jn8qJpFIHAtGb9iFa9jKOUm6P2Soa2I3GI5ViXKoxa300d7Dv%2BQPjTwcE%2B9AFahD96163Lf9Pyeqv74hVd5poOdyNB%2BmYU13OOSq5d2bTfG%2BP4lEb1drWVeym59E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802d84ef9bc56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36t6&sid=TEwHkBeoIHPFL1CrABt9 |  0.0.0.0 | | 0 B |
URL GET auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36t6&sid=TEwHkBeoIHPFL1CrABt9 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /api/socket/?EIO=4&transport=polling&t=OzK36t6&sid=TEwHkBeoIHPFL1CrABt9 HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| auth-airbnb.com/assets/index-BRxzhEWd.js | 172.67.185.203 | 200 OK | 447 kB |
URL GET HTTP/3auth-airbnb.com/assets/index-BRxzhEWd.js IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
Size447 kB (447449 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /assets/index-BRxzhEWd.js HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:14:11 GMT
content-type: text/javascript
access-control-allow-origin: *
last-modified: Tue, 07 May 2024 14:56:04 GMT
etag: W/"447449-1715093764458"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPgbsKBpXQ%2BlBa%2FOSYYmqgZdYNuEOp8mpgWEkdvEuR%2BW11rXOpgDZT2Q%2BZGpiY1lEQqaDCImtJ5AaBilINLpRAkoDLyys8DxdUpB1XNE6n7Gn8%2BYbF9RuZGe73SvRdxTXN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8802d84cac2e56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36pP | 172.67.185.203 | 200 OK | 118 B |
URL GET HTTP/3auth-airbnb.com/api/socket/?EIO=4&transport=polling&t=OzK36pP IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
File typeASCII text, with no line terminators Hash1ea9d03e5c6e5e0a3d5a9e1e67439636 e6a81a04c97e12daa5e8850b2808ce12d8108f9d b0a2e7ad9fcf0a49d5db471e83db80898f50f7a9b28c57d70b9f3559d31df322
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /api/socket/?EIO=4&transport=polling&t=OzK36pP HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auth-airbnb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 17:14:11 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MRdysS4DUrJp8L7BXmn4gwNIyozx9OvaXjqhdz79seRNW7BQsKvYzmF8Al8FVHtGuDQoUR4Kvp9BpopKitAlLoTnIzqFmfQj78mUkI2q5eyszvjiFn%2F810YtiiPx3iTwgJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8802d84e3fc056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| auth-airbnb.com/api/socket/?EIO=4&transport=websocket&sid=TEwHkBeoIHPFL1CrABt9 | 172.67.185.203 | 400 Bad Request | 0 B |
URL GET HTTP/1.1auth-airbnb.com/api/socket/?EIO=4&transport=websocket&sid=TEwHkBeoIHPFL1CrABt9 IP172.67.185.203:443
CertificateIssuerLet's Encrypt Subjectauth-airbnb.com FingerprintD0:4A:61:A1:5A:E0:D8:CF:89:1C:BC:DB:1F:3C:DA:D6:2C:01:8B:91 ValidityWed, 10 Apr 2024 01:38:55 GMT - Tue, 09 Jul 2024 01:38:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Airbnb, Inc. |
GET /api/socket/?EIO=4&transport=websocket&sid=TEwHkBeoIHPFL1CrABt9 HTTP/1.1
Host: auth-airbnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://auth-airbnb.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nk5qNpFnwQg/kurvnmnNvQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 400 Bad Request
Date: Tue, 07 May 2024 17:14:11 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Brd5KPNVyRlTUiWPhdSIbimOA%2FCtnHmwbYAiSG7xxnSzobY%2FTvsisxo3H7tEEEBcNu99J%2FIzUAaoTIw2ztna%2BuReJzn7wOoxuWC1uM2HM%2FnaHwywEN2pXWjA528mPR4Xtoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8802d84f6d5956c1-OSL
alt-svc: h3=":443"; ma=86400
|
|