host67124999432.gskill.us Open in urlscan Pro
67.212.182.51 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&ved=2ahUKEwjOx5KmlqDlAhUJLVAKHdx5CMEQFjA...
Effective URL:
https://host67124999432.gskill.us/login/1571239225/
Submission: On October 16 via manual (October 16th 2019, 3:20:40 pm UTC) from GB

Summary HTTP 17 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 67.212.182.51, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is host67124999432.gskill.us.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 16th 2019. Valid for: 3 months.

This is the only time host67124999432.gskill.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Airbnb (Hospitality)

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	31.11.33.207 31.11.33.207	31034 (ARUBA-ASN) (ARUBA-ASN)
2 18	67.212.182.51 67.212.182.51	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
17	2

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.11.33.207 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: websn2s197.aruba.it

www.heiconsortium.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 67.212.182.51 (Chicago, United States) 2 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server4.gskill.com

host67124999432.gskill.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	gskill.us 2 redirects host67124999432.gskill.us	677 KB
1	heiconsortium.it 1 redirects www.heiconsortium.it	227 B
1	google.com www.google.com	853 B
17	3

	Domain	Requested by
18	host67124999432.gskill.us	2 redirects www.google.com host67124999432.gskill.us
1	www.heiconsortium.it	1 redirects
1	www.google.com
17	3

This site contains links to these domains. Also see Links.

Domain
is.gd
airbnbmag.com
www.facebook.com
twitter.com
instagram.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
host67124999432.gskill.us cPanel, Inc. Certification Authority	`2019-10-16` - `2020-01-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://host67124999432.gskill.us/login/1571239225/
Frame ID: 67C94D09EC830A67E55F98F0489B3199
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&ved=2ahUKEwjOx5KmlqD... Page URL
http://www.heiconsortium.it/category/uncategorized-it/ HTTP 302
https://host67124999432.gskill.us/ HTTP 302
https://host67124999432.gskill.us/login/1571239225 HTTP 301
https://host67124999432.gskill.us/login/1571239225/ Page URL

Detected technologies

Google Web Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /gws/i

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

678 kB
Transfer

674 kB
Size

0
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://is.gd/Yk2BJv
Title: Become a Host

Search URL Search Domain Scan URL

URL: https://is.gd/ZpHDqf
Title: Help

Search URL Search Domain Scan URL

URL: https://is.gd/T6Yt97
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://is.gd/zEMjHT
Title: About us

Search URL Search Domain Scan URL

URL: https://is.gd/FFkA6h
Title: Careers

Search URL Search Domain Scan URL

URL: https://is.gd/JWDGmW
Title: Press

Search URL Search Domain Scan URL

URL: https://is.gd/aZWMd3
Title: Policies

Search URL Search Domain Scan URL

URL: https://is.gd/FgEacr
Title: Diversity & Belonging

Search URL Search Domain Scan URL

URL: https://is.gd/Lg7JZv
Title: Trust & Safety

Search URL Search Domain Scan URL

URL: https://is.gd/41SYej
Title: Travel Credit

Search URL Search Domain Scan URL

URL: https://is.gd/yyBqik
Title: Airbnb Citizen

Search URL Search Domain Scan URL

URL: https://is.gd/QHwZGN
Title: Business Travel

Search URL Search Domain Scan URL

URL: https://is.gd/lIOABZ
Title: Guidebooks

Search URL Search Domain Scan URL

URL: https://airbnbmag.com/
Title: Airbnbmag

Search URL Search Domain Scan URL

URL: https://is.gd/OjkU99
Title: Why Host

Search URL Search Domain Scan URL

URL: https://is.gd/QMuJ3q
Title: Hospitality

Search URL Search Domain Scan URL

URL: https://is.gd/xtSEL5
Title: Community Centre

Search URL Search Domain Scan URL

URL: https://is.gd/v72Wgj
Title: Terms

Search URL Search Domain Scan URL

URL: https://is.gd/30zf7g
Title: Privacy

Search URL Search Domain Scan URL

URL: https://is.gd/oqKgr5
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.facebook.com/airbnb
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/airbnb
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/airbnb
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&ved=2ahUKEwjOx5KmlqDlAhUJLVAKHdx5CMEQFjADegQIBhAB&url=http://www.heiconsortium.it/category/uncategorized-it/&usg=AOvVaw1T9TCcsZysUEpbBiKYZGMj Page URL
http://www.heiconsortium.it/category/uncategorized-it/ HTTP 302
https://host67124999432.gskill.us/ HTTP 302
https://host67124999432.gskill.us/login/1571239225 HTTP 301
https://host67124999432.gskill.us/login/1571239225/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 url Show response
www.google.com/ 971 B
853 B 33ms
33ms Document
text/html 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&ved=2ahUKEwjOx5KmlqDlAhUJLVAKHdx5CMEQFjADegQIBhAB&url=http://www.heiconsortium.it/category/uncategorized-it/&usg=AOvVaw1T9TCcsZysUEpbBiKYZGMj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

9d2ac8211fa171e3bfe955257ecc33ab94a6841401b2476fe0c9acd8fcd459c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&ved=2ahUKEwjOx5KmlqDlAhUJLVAKHdx5CMEQFjADegQIBhAB&url=http://www.heiconsortium.it/category/uncategorized-it/&usg=AOvVaw1T9TCcsZysUEpbBiKYZGMj
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 16 Oct 2019 15:20:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 484
x-xss-protection: 0
set-cookie: NID=189=q8zO_yJKhB91LvdmXr8hc_F5qhJ84fMSFWz7l2miOtoz3r1tOGI6ubGbVXCgYODlXhBIn2T-rLvr_G6Yw6IpZgy9wokFkZLrpPN6n4V5L6SCboidTb6FzG4kSB_lcgu7gO5A1L_4BD2aW8_gBz1qKxkm9H1gDMEOIwAhZkybpPM; expires=Thu, 16-Apr-2020 15:20:22 GMT; path=/; domain=.google.com; HttpOnly CONSENT=WP.27f56c; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

Primary Request / Show response
host67124999432.gskill.us/login/1571239225/
Redirect Chain

http://www.heiconsortium.it/category/uncategorized-it/
https://host67124999432.gskill.us/
https://host67124999432.gskill.us/login/1571239225
https://host67124999432.gskill.us/login/1571239225/

111 KB
111 KB

140ms
139ms

Document
text/html

67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/login/1571239225/
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&ved=2ahUKEwjOx5KmlqDlAhUJLVAKHdx5CMEQFjADegQIBhAB&url=http://www.heiconsortium.it/category/uncategorized-it/&usg=AOvVaw1T9TCcsZysUEpbBiKYZGMj
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: 47385a23d231491859c85215de06b805edff62c333def478ca64091bf53d588f

Request headers

Host: host67124999432.gskill.us
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.google.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.google.com/

Response headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Location: https://host67124999432.gskill.us/login/1571239225/
Content-Length: 259
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK common_o2.1-d39fc73696664916e1df691e17630bbb.css
host67124999432.gskill.us/css/ 138 KB
138 KB 99ms
99ms Stylesheet
text/css 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/css/common_o2.1-d39fc73696664916e1df691e17630bbb.css
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: 75cb6bc70207ddb15f222c632e724581b0fb452cacd268c6c58e5927ccdb1b81

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://host67124999432.gskill.us/login/1571239225/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Last-Modified: Fri, 21 Jul 2017 08:55:24 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 141483

GET
H/1.1 200
OK common-5e85a1be2218d7ae6e026fee126b0ec1.css
host67124999432.gskill.us/css/ 100 KB
101 KB 301ms
98ms Stylesheet
text/css 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/css/common-5e85a1be2218d7ae6e026fee126b0ec1.css
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: bb0359bb6287ec007618a13d5aade4ca60cdb012a5ea947dc022ec03f04fbfcc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://host67124999432.gskill.us/login/1571239225/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Last-Modified: Fri, 21 Jul 2017 08:56:44 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 102744

GET
H/1.1 200
OK signinup-054b06337494ba9bc92696dc56d55dcb.css
host67124999432.gskill.us/css/ 491 B
732 B 301ms
99ms Stylesheet
text/css 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/css/signinup-054b06337494ba9bc92696dc56d55dcb.css
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: a8aa80553b033481759a0bae4dd0d1875fcebbd18199518989f851d099ea806b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://host67124999432.gskill.us/login/1571239225/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Last-Modified: Wed, 12 Jul 2017 21:30:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 491

GET
H/1.1 200
OK jquery-3.2.0.min.js Show response
host67124999432.gskill.us/js/ 85 KB
85 KB 100ms
99ms Script
application/javascript 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/js/jquery-3.2.0.min.js
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: 2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://host67124999432.gskill.us/login/1571239225/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Last-Modified: Thu, 25 May 2017 18:55:28 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 86596

GET
H/1.1 200
OK jQuery.dPassword.js Show response
host67124999432.gskill.us/js/ 7 KB
7 KB 127ms
99ms Script
application/javascript 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/js/jQuery.dPassword.js
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: e4aa329ce9bdb74ef6b73c45ddeb576aa52bcfdcade66827ce803ae4f248e1e9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://host67124999432.gskill.us/login/1571239225/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:25 GMT
Last-Modified: Sun, 16 Jul 2017 08:28:30 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6861

GET
H/1.1 200
OK Circular_Air-Book-b222d268121d6dbe23687b805b117820.woff2
host67124999432.gskill.us/fonts/ 57 KB
57 KB 99ms
98ms Font
font/woff2 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/fonts/Circular_Air-Book-b222d268121d6dbe23687b805b117820.woff2
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: 1eec9d1d9e83785260a4792f82680a2d28052e4ca4a237be680b3977ec14b0a8

Request headers

Sec-Fetch-Mode: cors
Referer: https://host67124999432.gskill.us/css/common_o2.1-d39fc73696664916e1df691e17630bbb.css
Origin: https://host67124999432.gskill.us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:26 GMT
Last-Modified: Fri, 21 Jul 2017 08:50:26 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 58032

GET
H/1.1 200
OK text-field-icons-72d5ec863b1ef7c22391015ec8af5906.png
host67124999432.gskill.us/img/ 5 KB
5 KB 100ms
99ms Image
image/png 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host67124999432.gskill.us/img/text-field-icons-72d5ec863b1ef7c22391015ec8af5906.png
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: 93fa04524dd4d53e5a06985f8bc7b60f294b221d4cf4acdb2eff8004377ea6b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://host67124999432.gskill.us/css/common-5e85a1be2218d7ae6e026fee126b0ec1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:26 GMT
Last-Modified: Fri, 21 Jul 2017 08:56:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5138

GET
H/1.1 200
OK Circular_Air-Light-8191d5473a5ccd7b25e738600215254c.woff2
host67124999432.gskill.us/fonts/ 61 KB
61 KB 99ms
99ms Font
font/woff2 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/fonts/Circular_Air-Light-8191d5473a5ccd7b25e738600215254c.woff2
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: af06286bfe18f5033fe9c0bd627b83aa16035897805a4524c87fc7e071a07b40

Request headers

Sec-Fetch-Mode: cors
Referer: https://host67124999432.gskill.us/css/common_o2.1-d39fc73696664916e1df691e17630bbb.css
Origin: https://host67124999432.gskill.us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:26 GMT
Last-Modified: Fri, 21 Jul 2017 08:50:42 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 62152

GET
H/1.1 200
OK Circular_Air-Bold-f6a8738f19ae14110b36ff16220403d9.woff2
host67124999432.gskill.us/fonts/ 60 KB
60 KB 100ms
99ms Font
font/woff2 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/fonts/Circular_Air-Bold-f6a8738f19ae14110b36ff16220403d9.woff2
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: cf2b4da5d050d9bd5d80417fef145d1d7e07f49e072edcca2d467037668fa776

Request headers

Sec-Fetch-Mode: cors
Referer: https://host67124999432.gskill.us/css/common_o2.1-d39fc73696664916e1df691e17630bbb.css
Origin: https://host67124999432.gskill.us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:26 GMT
Last-Modified: Fri, 21 Jul 2017 08:50:36 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 61608

GET
H/1.1 200
OK airglyphs-bb873ab4254c83409cf1fa6f4759fa3e.woff
host67124999432.gskill.us/fonts/ 48 KB
48 KB 100ms
100ms Font
font/woff 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/fonts/airglyphs-bb873ab4254c83409cf1fa6f4759fa3e.woff
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/login/1571239225/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: 6e07c25796f31968c649c16a04b3333b08fce1a8312f7001fad89338106d76c1

Request headers

Sec-Fetch-Mode: cors
Referer: https://host67124999432.gskill.us/css/common_o2.1-d39fc73696664916e1df691e17630bbb.css
Origin: https://host67124999432.gskill.us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 15:20:26 GMT
Last-Modified: Fri, 21 Jul 2017 08:50:22 GMT
Server: Apache
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 48808

GET
H/1.1 200
OK 144.76.109.30.json Show response
host67124999432.gskill.us/data/ 285 B
533 B 98ms
98ms XHR
application/json 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/data/144.76.109.30.json?_=1571239224427
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/js/jquery-3.2.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: b2593d6e532ad306d271b30cc4d479e52b804066094d8ce9e4363e07a1043dae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://host67124999432.gskill.us/login/1571239225/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 16 Oct 2019 15:20:28 GMT
Last-Modified: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 285

GET
H/1.1 200
OK 144.76.109.30.json Show response
host67124999432.gskill.us/data/ 285 B
533 B 99ms
98ms XHR
application/json 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/data/144.76.109.30.json?_=1571239224428
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/js/jquery-3.2.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: b2593d6e532ad306d271b30cc4d479e52b804066094d8ce9e4363e07a1043dae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://host67124999432.gskill.us/login/1571239225/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 16 Oct 2019 15:20:30 GMT
Last-Modified: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 285

GET
H/1.1 200
OK 144.76.109.30.json Show response
host67124999432.gskill.us/data/ 285 B
533 B 98ms
98ms XHR
application/json 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/data/144.76.109.30.json?_=1571239224429
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/js/jquery-3.2.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: b2593d6e532ad306d271b30cc4d479e52b804066094d8ce9e4363e07a1043dae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://host67124999432.gskill.us/login/1571239225/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 16 Oct 2019 15:20:32 GMT
Last-Modified: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 285

GET
H/1.1 200
OK 144.76.109.30.json Show response
host67124999432.gskill.us/data/ 285 B
533 B 99ms
98ms XHR
application/json 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/data/144.76.109.30.json?_=1571239224430
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/js/jquery-3.2.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: b2593d6e532ad306d271b30cc4d479e52b804066094d8ce9e4363e07a1043dae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://host67124999432.gskill.us/login/1571239225/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 16 Oct 2019 15:20:34 GMT
Last-Modified: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 285

GET
H/1.1 200
OK 144.76.109.30.json Show response
host67124999432.gskill.us/data/ 285 B
534 B 297ms
99ms XHR
application/json 67.212.182.51
SingleHop LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://host67124999432.gskill.us/data/144.76.109.30.json?_=1571239224431
Requested by: Host: host67124999432.gskill.us
URL: https://host67124999432.gskill.us/js/jquery-3.2.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.212.182.51 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS: server4.gskill.com
Software: Apache /
Resource Hash: b2593d6e532ad306d271b30cc4d479e52b804066094d8ce9e4363e07a1043dae

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://host67124999432.gskill.us/login/1571239225/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Wed, 16 Oct 2019 15:20:36 GMT
Last-Modified: Wed, 16 Oct 2019 15:20:25 GMT
Server: Apache
Content-Type: application/json
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 285

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Airbnb (Hospitality)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

host67124999432.gskill.us
www.google.com
www.heiconsortium.it
2a00:1450:4001:800::2004
31.11.33.207
67.212.182.51
1eec9d1d9e83785260a4792f82680a2d28052e4ca4a237be680b3977ec14b0a8
2405bdf4c255a4904671bcc4b97938033d39b3f5f20dd068985a8d94cde273e2
47385a23d231491859c85215de06b805edff62c333def478ca64091bf53d588f
6e07c25796f31968c649c16a04b3333b08fce1a8312f7001fad89338106d76c1
75cb6bc70207ddb15f222c632e724581b0fb452cacd268c6c58e5927ccdb1b81
93fa04524dd4d53e5a06985f8bc7b60f294b221d4cf4acdb2eff8004377ea6b8
9d2ac8211fa171e3bfe955257ecc33ab94a6841401b2476fe0c9acd8fcd459c9
a8aa80553b033481759a0bae4dd0d1875fcebbd18199518989f851d099ea806b
af06286bfe18f5033fe9c0bd627b83aa16035897805a4524c87fc7e071a07b40
b2593d6e532ad306d271b30cc4d479e52b804066094d8ce9e4363e07a1043dae
bb0359bb6287ec007618a13d5aade4ca60cdb012a5ea947dc022ec03f04fbfcc
cf2b4da5d050d9bd5d80417fef145d1d7e07f49e072edcca2d467037668fa776
e4aa329ce9bdb74ef6b73c45ddeb576aa52bcfdcade66827ce803ae4f248e1e9

host67124999432.gskill.us Open in urlscan Pro 67.212.182.51 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

678 kBTransfer

674 kBSize

0 Cookies

23 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

host67124999432.gskill.us Open in urlscan Pro
67.212.182.51 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

678 kB
Transfer

674 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!