airbnb.ld62374.ru
2606:4700:3035::ac43:b832
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report
Submission: On February 16 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on February 16th 2023. Valid for: 3 months.
This is the only time airbnb.ld62374.ru was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Airbnb (Hospitality)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
3 | 2606:4700:3035::ac43:b832 | 13335 (CLOUDFLARENET)
1 | 2a00:1450:400d:80e::200a | 15169 (GOOGLE)
16 | 104.83.4.17 | 20940 (AKAMAI-ASN1)
1 | 2a00:1450:400d:808::200a | 15169 (GOOGLE)
1 | 146.75.116.193 | 54113 (FASTLY)
2 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE)
Total: 24 requests, 6 IP addresses
ASN20940 (AKAMAI-ASN1, NL); PTR: a104-83-4-17.deploy.static.akamaitechnologies.com; domain: a0.muscache.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
16 | muscache.com | a0.muscache.com (Cisco Umbrella Rank: 11888) | 143 KB
3 | ld62374.ru | airbnb.ld62374.ru | 61 KB
2 | gstatic.com | fonts.gstatic.com | 24 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43), ajax.googleapis.com (Cisco Umbrella Rank: 298) | 32 KB
1 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 6040) | 11 KB
Total: 24 requests, 5 apex domains
Requests | Domain | Requested by
---|---|---
16 | a0.muscache.com | airbnb.ld62374.ru, a0.muscache.com
3 | airbnb.ld62374.ru | airbnb.ld62374.ru
2 | fonts.gstatic.com | fonts.googleapis.com
1 | i.imgur.com | airbnb.ld62374.ru
1 | ajax.googleapis.com | airbnb.ld62374.ru
1 | fonts.googleapis.com | airbnb.ld62374.ru
Total: 24 requests, 6 domains
This site contains links to these domains. Also see Links.
Domain |
---|
airbnb.ord9213.ru |
www.facebook.com |
vk.com |
twitter.com |
instagram.com |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.ld62374.ru | E1 | 2023-02-16 - 2023-05-17 | 3 months | crt.sh
upload.video.google.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months | crt.sh
www.airbnb.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-14 - 2024-03-15 | a year | crt.sh
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year | crt.sh
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://airbnb.ld62374.ru/book?key=30298799
Frame ID: 95255747C70AF0BD752CE12E0FCE8494
Requests: 24 HTTP requests in this frame
Page Title
Airbnb: confirmation and payment – Guest house The Park (original: "Airbnb: подтверждение и оплата – Гостевой дом The Park")
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
- Title: More details
- Title: Social distancing and other Airbnb recommendations during the pandemic
- Title: Select language: Russian (RU)
- Title: Select currency: ₽RUB
- (no title)
- (no title)
- (no title)
- (no title)
- Title: Privacy
- Title: Terms
- Title: Sitemap
- Title: Company details
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method / Protocol | Resource | Path | Size / x-fer | Type | MIME-Type
---|---|---|---|---|---
GET H2 | book (Primary Request) | airbnb.ld62374.ru/ | 231 KB / 26 KB | Document | text/html
GET H2 | css | fonts.googleapis.com/ | 20 KB / 2 KB | Stylesheet | text/css
GET H2 | dls-lite_cereal-d9f6fdb2a0dd4a18c37f8ee01de8ec3d.css | a0.muscache.com/airbnb/static/packages/dls/ | 9 KB / 2 KB | Stylesheet | text/css
GET H2 | 91ef-a0aec0f2.css | a0.muscache.com/airbnb/static/packages/ | 3 KB / 2 KB | Stylesheet | text/css
GET H2 | common-f0706e06.css | a0.muscache.com/airbnb/static/packages/ | 5 KB / 2 KB | Stylesheet | text/css
GET H2 | pdp-core-ui_sections_highlights_default-6917d4da.css | a0.muscache.com/airbnb/static/packages/ | 5 KB / 2 KB | Stylesheet | text/css
GET H2 | pdp-core-ui_sections_description_default-6246fa4b.css | a0.muscache.com/airbnb/static/packages/ | 77 B / 771 B | Stylesheet | text/css
GET H2 | pdp-core-ui_sections_amenities_default-d92bf483.css | a0.muscache.com/airbnb/static/packages/ | 8 KB / 2 KB | Stylesheet | text/css
GET H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.4.1/ | 86 KB / 31 KB | Script | text/javascript
GET H2 | logo_visa.0adea522.svg | a0.muscache.com/airbnb/static/packages/ | 903 B / 1 KB | Image | image/svg+xml
GET H2 | logo_amex.84088b52.svg | a0.muscache.com/airbnb/static/packages/ | 750 B / 1 KB | Image | image/svg+xml
GET H2 | logo_mastercard.f18379cf.svg | a0.muscache.com/airbnb/static/packages/ | 559 B / 1 KB | Image | image/svg+xml
GET H2 | logo_googlepay.3f786bc0.svg | a0.muscache.com/airbnb/static/packages/ | 2 KB / 2 KB | Image | image/svg+xml
GET H2 | 1HOFigX.jpg | i.imgur.com/ | 10 KB / 11 KB | Image | image/jpeg
GET H2 | jquery.inputmask.min.js | airbnb.ld62374.ru/assets/airbnb/assets/booking/js/ | 141 KB / 34 KB | Script | application/javascript
GET H2 | main.js | airbnb.ld62374.ru/assets/airbnb/assets/airbnb/js/ | 1 KB / 667 B | Script | application/javascript
GET H2 | Airbnb_Cereal-Book-9a1c9cca9bb3d65fefa2aa487617805e.woff2 | a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/ | 24 KB / 24 KB | Font | binary/octet-stream
GET H2 | Airbnb_Cereal-Bold-bdfb98485e7836ba31b456f65cded088.woff2 | a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/ | 23 KB / 24 KB | Font | binary/octet-stream
GET H2 | Airbnb_Cereal-Medium-50fc004b3082375f12ff0cfb67bf8e56.woff2 | a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/ | 24 KB / 24 KB | Font | binary/octet-stream
GET H2 | Airbnb_Cereal-Cyrillic-Book-e02d5d2c18cb1adb5f60fba73ec84b85.woff2 | a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/cereal-beta-v1/ | 18 KB / 19 KB | Font | binary/octet-stream
GET H2 | KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | fonts.gstatic.com/s/roboto/v30/ | 12 KB / 12 KB | Font | font/woff2
GET H3 | Airbnb_Cereal-Cyrillic-Medium-f0e661ba5740e054d7c1faad5984c994.woff2 | a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/cereal-beta-v1/ | 18 KB / 18 KB | Font | binary/octet-stream
GET H2 | KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 | fonts.gstatic.com/s/roboto/v30/ | 12 KB / 12 KB | Font | font/woff2
GET H3 | Airbnb_Cereal-Cyrillic-Bold-b218e811576428a4ca3d2f9e1b00b734.woff2 | a0.muscache.com/airbnb/static/airbnb-dls-web/build/fonts/cereal-beta-v1/ | 18 KB / 18 KB | Font | binary/octet-stream
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Airbnb (Hospitality)
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
boolean | credentialless
object | oncontentvisibilityautostatechange
function | $
function | jQuery
function | Inputmask
function | default
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
airbnb.ld62374.ru/ | | Name: PHPSESSID Value: vn3aicqatiecae4gbi9mtfiu6u
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.