bnb.confirms-46041.com
Open in
urlscan Pro
2606:4700:3032::6815:3656
Malicious Activity!
Public Scan
Submission: On February 26 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.
This is the only time bnb.confirms-46041.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Airbnb (Hospitality)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 20 | 2606:4700:303... 2606:4700:3032::6815:3656 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 3 | 2.19.96.243 2.19.96.243 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 52.70.66.29 52.70.66.29 | 14618 (AMAZON-AES) (AMAZON-AES) | |
22 | 3 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-243.deploy.static.akamaitechnologies.com
a0.muscache.com | |
www.airbnb.com | |
www.airbnb.de |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-66-29.compute-1.amazonaws.com
airbnb.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
confirms-46041.com
1 redirects
bnb.confirms-46041.com |
252 KB |
2 |
airbnb.com
2 redirects
airbnb.com — Cisco Umbrella Rank: 9776 www.airbnb.com — Cisco Umbrella Rank: 10592 |
3 KB |
1 |
airbnb.de
www.airbnb.de — Cisco Umbrella Rank: 156295 |
|
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226 |
6 KB |
1 |
muscache.com
a0.muscache.com — Cisco Umbrella Rank: 8961 |
130 KB |
22 | 5 |
Domain | Requested by | |
---|---|---|
20 | bnb.confirms-46041.com |
1 redirects
bnb.confirms-46041.com
|
1 | www.airbnb.de | |
1 | www.airbnb.com | 1 redirects |
1 | airbnb.com | 1 redirects |
1 | cdnjs.cloudflare.com |
bnb.confirms-46041.com
|
1 | a0.muscache.com |
bnb.confirms-46041.com
|
22 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
confirms-46041.com GTS CA 1P5 |
2024-02-25 - 2024-05-25 |
3 months | crt.sh |
www.airbnb.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-16 - 2025-02-18 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bnb.confirms-46041.com/6395929262
Frame ID: 9CAE4D67B2D745F59AE6E9E46A430E93
Requests: 14 HTTP requests in this frame
Frame:
https://bnb.confirms-46041.com/chat/6395929262
Frame ID: B765BE37F431CFA4AEEAECA53717AD8F
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Airbnb | Vacation rentals, cabins, beach houses, & moreDetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20- https://bnb.confirms-46041.com/chat/%7Bimage%7D HTTP 302
- https://airbnb.com/ HTTP 301
- https://www.airbnb.com/ HTTP 307
- https://www.airbnb.de/?_set_bev_on_new_domain=1708906479_NzI3NDI5YTAzNjU4
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
6395929262
bnb.confirms-46041.com/ |
39 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat.css
bnb.confirms-46041.com/build/ |
3 KB 997 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script2.js
bnb.confirms-46041.com/css/airbnb/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
bnb.confirms-46041.com/css/airbnb/css/ |
31 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
bnb.confirms-46041.com/js/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visa.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ |
903 B 858 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amex.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ |
750 B 802 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mc.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ |
559 B 823 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
discover.svg
bnb.confirms-46041.com/css/airbnb/assets/img/payments/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6af96626-5805-4729-ab1e-01e46c3976c3.jpeg
a0.muscache.com/im/pictures/prohost-api/Hosting-16174606/original/ |
129 KB 130 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6395929262
bnb.confirms-46041.com/chat/ Frame B765 |
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
user_send_status.php
bnb.confirms-46041.com/ajax/ |
0 495 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
air.woff
bnb.confirms-46041.com/css/airbnb/assets/fonts/ |
32 KB 32 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
air-light.woff
bnb.confirms-46041.com/css/airbnb/assets/fonts/ |
32 KB 32 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
air-bold.woff
bnb.confirms-46041.com/css/airbnb/assets/fonts/ |
31 KB 32 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chat.css
bnb.confirms-46041.com/css/ Frame B765 |
106 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame B765 |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
support.png
bnb.confirms-46041.com/img/ Frame B765 |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
support-open.png
bnb.confirms-46041.com/img/ Frame B765 |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
bnb.confirms-46041.com/dist/new_card_design/ Frame B765 |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
msg_check.php
bnb.confirms-46041.com/ajax/ Frame B765 |
5 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.airbnb.de/ Frame B765 Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Airbnb (Hospitality)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery number| get_status function| onPage function| formatCreditCardNumber function| renderCountries function| showListOfCountries function| showMobilePopup object| selectCountry function| checkExpiry function| checkCVV function| checkZIP function| checkErrorMessage function| submitForm function| fixHeader object| items object| wrap object| list1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bnb.confirms-46041.com/ | Name: PHPSESSID Value: ic4jdrtcpc5dmhebsll1u8q2jn |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a0.muscache.com
airbnb.com
bnb.confirms-46041.com
cdnjs.cloudflare.com
www.airbnb.com
www.airbnb.de
2.19.96.243
2606:4700:3032::6815:3656
2606:4700::6811:180e
52.70.66.29
0e73d30d07be6b19a2378a4ba1756d4eff7e2425a9fc74de0560742a2f0648dc
1fc1e7ad40e4ae54f2dbd4b1f8b0b09482bbcae9524a3a1743f0f5da062740d8
560b6b311920854bb28122c60e1262f34723ed8bff0b6970300bd04d9369adeb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82c616280d41370361d4c1317a21154976d765da254b5c85d38fe1941a6deac2
83f54ad9011d6294256d51fd8467263bc03c73bbcf60fbb0ef7e6543e4d9a51c
84ec8b9bf204c018f1ab19aae4788e72a0434731d166ae5b48f1e9ebc4495e02
8dfbae0dacd10d301e21a35cda20b66fd32f1ffe176842fcb28590512d756503
910bfc606b7c82369fd37783518c86b3d909d0064479411385783f83f21363ef
9356128a4fdd7f7021f5b46ccc0f1e8158fc5a3cfb42833dd9c0236834efc27b
b1c9ad009f4d6ed374fe5404e3276bbbc345396e772cd72491a88c1173582ec3
c0ebfb480cfaf72fe55f481384bfcecadb34a1745e5c55ca8d3cf0a8b852d9c8
c12fff6b197ff0c1bc02931bec0266105ea020b144a384c6a9bd38261cce7985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed81be88c41f9c10e443132c06ace45508564c7c4a561ae7ad199d2464f519e6
f38df22b91417e6c60a0c086f7997c1ba6c5b844b3c947d07ed7e88650442973
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f95fd885fd024472895d8b09606e94ea9778ce31384a5fd49bc5d84465d93289
fca6b19d362debd292ba17ffd10a4380961a45bf44b4ce68098ea8a2e197efbf
ff0aa357bd18f90e1d8a001cd28716c1180a666885e42995dfae748cd794e5fe