urlscan.io logo urlscan.io
SecurityTrails logo

aktywnaodzaraz.pl Open in urlscan Pro
5.252.230.141  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rebrand.ly/polan
Effective URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Submission: On December 27 via manual from HU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 6 countries across 9 domains to perform 22 HTTP transactions. The main IP is 5.252.230.141, located in Poland and belongs to LH, PL. The main domain is aktywnaodzaraz.pl.
TLS certificate: Issued by www.lh.pl on October 8th 2020. Valid for: a year.
This is the only time aktywnaodzaraz.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spotify (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 54.81.48.211 14618 (AMAZON-AES)
5 5.252.230.141 203417 (LH)
2 193.67.130.68 200596 (ADYEN)
9 78.40.123.151 39605 (IGUANESOL...)
1 184.30.218.27 20940 (AKAMAI-ASN1)
1 2.16.186.75 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
22 8
1    54.81.48.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-48-211.compute-1.amazonaws.com
rebrand.ly
5    5.252.230.141 (Poland)

ASN203417 (LH, PL)
PTR: main52.lh.pl
aktywnaodzaraz.pl
2    193.67.130.68 (Netherlands)

ASN200596 (ADYEN, NL)
checkoutshopper-live.adyen.com
9    78.40.123.151 (France)

ASN39605 (IGUANESOLUTIONS, FR)
PTR: blm-vippay-01.ig-1.net
payment-files.deezer.com
1    184.30.218.27 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-218-27.deploy.static.akamaitechnologies.com
seal.websecurity.norton.com
1    2.16.186.75 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-75.deploy.static.akamaitechnologies.com
cdns-images.dzcdn.net
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
9 payment-files.deezer.com aktywnaodzaraz.pl
payment-files.deezer.com
5 aktywnaodzaraz.pl aktywnaodzaraz.pl
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 checkoutshopper-live.adyen.com aktywnaodzaraz.pl
1 www.googletagmanager.com aktywnaodzaraz.pl
1 encrypted-tbn2.gstatic.com aktywnaodzaraz.pl
1 cdns-images.dzcdn.net aktywnaodzaraz.pl
1 seal.websecurity.norton.com aktywnaodzaraz.pl
1 rebrand.ly 1 redirects
22 9

This site contains links to these domains. Also see Links.

Domain
www.symantec.com
support.deezer.com
Subject Issuer Validity Valid
aktywnaodzaraz.pl
www.lh.pl		 2020-10-08 -
2021-10-08		 a year crt.sh
*.adyen.com
Thawte TLS RSA CA G1		 2020-01-08 -
2022-04-08		 2 years crt.sh
*.deezer.com
Gandi Pro SSL CA 2		 2019-07-31 -
2021-08-05		 2 years crt.sh
seal.websecurity.norton.com
DigiCert SHA2 Extended Validation Server CA		 2020-03-23 -
2022-04-03		 2 years crt.sh
cdn-content.dzcdn.net
Let's Encrypt Authority X3		 2020-10-22 -
2021-01-20		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Frame ID: C8EFC0A3EFE091B79F998CECFE3FEBDE
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://rebrand.ly/polan HTTP 301
    https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

9
Subdomains

8
IPs

6
Countries

496 kB
Transfer

1399 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/polan HTTP 301
    https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Redirect Chain
  • https://rebrand.ly/polan
  • https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
195 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.230.141 , Poland, ASN203417 (LH, PL),
Reverse DNS
main52.lh.pl
Software
Apache /
Resource Hash
f780314727b07b63064d3408c8595ce7954fd9ce1b3d82c65c4237360775f01d

Request headers

:method
GET
:authority
aktywnaodzaraz.pl
:scheme
https
:path
/wp-content/uploads/Spotify/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
server
Apache
last-modified
Fri, 25 Dec 2020 03:08:20 GMT
etag
"30bc2-5b7413c8a3100-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html

Redirect headers

Cache-Control
no-cache, no-store
Date
Sun, 27 Dec 2020 08:58:07 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Server
Kestrel
Strict-Transport-Security
max-age=15552000
Content-Length
0
Connection
keep-alive
adyen.css
checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.2.0/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.2.0/adyen.css
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.67.130.68 , Netherlands, ASN200596 (ADYEN, NL),
Reverse DNS
Software
Apache /
Resource Hash
c5f483b117f7eb2a3268d6249ceae058c4054c47679ad4ab5acb7653a7c4ab6b

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Content-Encoding
gzip
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
bootstrap.css
payment-files.deezer.com/v2/css/sass_c/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment-files.deezer.com/v2/css/sass_c/bootstrap.css?v=00001134
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
d964a2104d3fd73bfe8260ef8d65ea5c888861190ee851e999d31f5db82e74f7

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Dec 2020 13:13:19 GMT
Server
Apache
ETag
"74d1-5b70d56a79864-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
X-Host
blm-pay-01
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
4372
Expires
Tue, 26 Jan 2021 08:58:08 GMT
styles.ltr.css
payment-files.deezer.com/v2/css/sass_c/ 		92 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
ca7e3a901a4c83f8367599f43c69147481f7880817e9215cd7090d3901613350

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Dec 2020 13:13:36 GMT
Server
Apache
ETag
"17166-5b70d57a2637e-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
X-Host
blm-pay-05
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
9772
Expires
Tue, 26 Jan 2021 08:58:08 GMT
getseal
seal.websecurity.norton.com/ 		13 B
217 B 		Script
General
Check archive.org
Download Go to
Full URL
https://seal.websecurity.norton.com/getseal?host_name=payment.deezer.com&size=M&use_flash=NO&use_transparent=YES&lang=fr
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.218.27 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-30-218-27.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 /
Resource Hash
bb807cd3b9903a753407ec9d82c403490bad87e9b707458b7d0e7f165277cd2c

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Cache-Control
must-revalidate, max-age=0
Server
nginx/1.14.0
Connection
keep-alive
ETag
Content-Length
13
Content-Type
text/javascript
50x50.jpg
cdns-images.dzcdn.net/images/user/215ff2502e9ffdc9adc1015285764c94/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdns-images.dzcdn.net/images/user/215ff2502e9ffdc9adc1015285764c94/50x50.jpg
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.75 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f0dde300e2c0014e265fdc2e3c7e2c56b68107ef4066ad6406705ff043cd96ba

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
x-deezer-client-ip
185.156.175.107
p3p
policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
x-deezer-cache
MISS
x-host
blm-static-07
content-length
816
x-md5
215ff2502e9ffdc9adc1015285764c94
pragma
last-modified
Fri, 26 Jul 2019 23:25:45 GMT
server
Apache
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
x-deezer-client-ip,Akamai-Request-BC
cache-control
public, max-age=1723248
x-robots-tag
noindex,nofollow,noarchive
expires
Sat, 16 Jan 2021 07:38:56 GMT
xvx.js
aktywnaodzaraz.pl/wp-content/uploads/Spotify/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/js/xvx.js
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.230.141 , Poland, ASN203417 (LH, PL),
Reverse DNS
main52.lh.pl
Software
Apache /
Resource Hash

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
cache-control
no-cache, must-revalidate, max-age=0
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
Apache
link
<https://aktywnaodzaraz.pl/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8
xvx.js
aktywnaodzaraz.pl/wp-content/uploads/Spotify/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/xvx.js
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.230.141 , Poland, ASN203417 (LH, PL),
Reverse DNS
main52.lh.pl
Software
Apache /
Resource Hash

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
cache-control
no-cache, must-revalidate, max-age=0
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
Apache
link
<https://aktywnaodzaraz.pl/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8
images
encrypted-tbn2.gstatic.com/ 		686 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcQqm8ZOWwKAOjhwU1n-WyEZyXTeu5CcV5c3Ylo5uTKg5NfX5C_2bdfboJE
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c260b4be6ad5ef0bdd756f19e5e12da7eb384cbd2b2ee81e3abe4cfaa1d5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Sep 2019 13:26:55 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
686
x-xss-protection
0
expires
Mon, 27 Dec 2021 08:58:08 GMT
adyen.cardtype.min.js
payment-files.deezer.com/v2/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment-files.deezer.com/v2/js/adyen.cardtype.min.js?1_2_1
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
79ecd961722e9ca6b8577a142650fe847fb8ac09dc672473fc282e6c42781720

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jun 2018 12:31:37 GMT
Server
Apache
ETag
"2a30-56dd01d633bd7-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
X-Host
blm-pay-03
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
3663
Expires
Tue, 26 Jan 2021 08:58:08 GMT
adyen.encrypt.min.js
payment-files.deezer.com/v2/js/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://payment-files.deezer.com/v2/js/adyen.encrypt.min.js?0_1_21
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
a80c88b5d592f1e3871e2edd9318d2e885a7f9c6f3fa006ec4ed233781bdea60

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jun 2018 12:31:37 GMT
Server
Apache
ETag
"1aa28-56dd01d634b77-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
X-Host
blm-pay-04
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
38249
Expires
Tue, 26 Jan 2021 08:58:08 GMT
adyen.js
checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.2.0/ 		406 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.2.0/adyen.js
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.67.130.68 , Netherlands, ASN200596 (ADYEN, NL),
Reverse DNS
Software
Apache /
Resource Hash
3868dd451a4999521c033f2781fd2d9e94cfa823fe09505355e55b6804f0a3c4

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Content-Encoding
gzip
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
secured.png
payment-files.deezer.com/v2/img/ 		415 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment-files.deezer.com/v2/img/secured.png?1499266632
Requested by
Host: payment-files.deezer.com
URL: https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
04e0ac12ba35b16e563908bb758545766a0f0fa0f9d64dc69ae1882d50081f59

Request headers

Referer
https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Last-Modified
Wed, 05 Jul 2017 14:57:12 GMT
Server
Apache
ETag
"19f-55393371057e8"
Content-Type
image/png
Cache-Control
max-age=2592000
X-Host
blm-pay-05
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=499
Content-Length
415
Expires
Tue, 26 Jan 2021 08:58:08 GMT
logos-se0586fca0b.png
payment-files.deezer.com/v2/img/compass/sprites/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment-files.deezer.com/v2/img/compass/sprites/logos-se0586fca0b.png
Requested by
Host: payment-files.deezer.com
URL: https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
b10d6b7e960f5854c07adc24e2e7be79ac2c2fb042f6bbf4719249497c348a2e

Request headers

Referer
https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Last-Modified
Tue, 22 Dec 2020 13:13:38 GMT
Server
Apache
ETag
"28e59-5b70d57bd2ede"
Content-Type
image/png
Cache-Control
max-age=2592000
X-Host
blm-pay-05
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=498
Content-Length
167513
Expires
Tue, 26 Jan 2021 08:58:08 GMT
deezer-icons.woff
payment-files.deezer.com/v2/fonts/deezer-icons/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payment-files.deezer.com/v2/fonts/deezer-icons/deezer-icons.woff?1536156619
Requested by
Host: payment-files.deezer.com
URL: https://payment-files.deezer.com/v2/css/sass_c/bootstrap.css?v=00001134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
d9bf89869cc472914c0176566ba4cf962e69666db03d0c602f7699e251e82ac1

Request headers

Origin
https://aktywnaodzaraz.pl
Referer
https://payment-files.deezer.com/v2/css/sass_c/bootstrap.css?v=00001134
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Last-Modified
Wed, 05 Sep 2018 14:10:19 GMT
Server
Apache
ETag
"101c-57520559fc78a"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Host
blm-pay-01
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
4124
open-sans.woff
payment-files.deezer.com/v2/fonts/open-sans/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://payment-files.deezer.com/v2/fonts/open-sans/open-sans.woff?1499266632
Requested by
Host: payment-files.deezer.com
URL: https://payment-files.deezer.com/v2/css/sass_c/bootstrap.css?v=00001134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
b9e0699272a5df7a51862b402ac6294d8d20993e67588001b8b44bfeb5438a6a

Request headers

Origin
https://aktywnaodzaraz.pl
Referer
https://payment-files.deezer.com/v2/css/sass_c/bootstrap.css?v=00001134
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Last-Modified
Wed, 05 Jul 2017 14:57:12 GMT
Server
Apache
ETag
"8608-55393371057e8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Host
blm-pay-06
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=500
Content-Length
34312
xvx.js
aktywnaodzaraz.pl/wp-content/uploads/Spotify/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/js/xvx.js
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.230.141 , Poland, ASN203417 (LH, PL),
Reverse DNS
main52.lh.pl
Software
Apache /
Resource Hash

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
cache-control
no-cache, must-revalidate, max-age=0
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
Apache
link
<https://aktywnaodzaraz.pl/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8
xvx.js
aktywnaodzaraz.pl/wp-content/uploads/Spotify/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/xvx.js
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.252.230.141 , Poland, ASN203417 (LH, PL),
Reverse DNS
main52.lh.pl
Software
Apache /
Resource Hash

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
cache-control
no-cache, must-revalidate, max-age=0
expires
Wed, 11 Jan 1984 05:00:00 GMT
server
Apache
link
<https://aktywnaodzaraz.pl/wp-json/>; rel="https://api.w.org/"
content-type
text/html; charset=UTF-8
devices.png
payment-files.deezer.com/v2/img/ 		753 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment-files.deezer.com/v2/img/devices.png?1499266632
Requested by
Host: payment-files.deezer.com
URL: https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.40.123.151 , France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS
blm-vippay-01.ig-1.net
Software
Apache /
Resource Hash
f527b4180b5375971120ef69905f8e0d7a98afb93c6050f8589a289e8308868b

Request headers

Referer
https://payment-files.deezer.com/v2/css/sass_c/styles.ltr.css?v=00001134
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 27 Dec 2020 08:58:08 GMT
Last-Modified
Wed, 05 Jul 2017 14:57:12 GMT
Server
Apache
ETag
"2f1-55393371057e8"
Content-Type
image/png
Cache-Control
max-age=2592000
X-Host
blm-pay-05
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=497
Content-Length
753
Expires
Tue, 26 Jan 2021 08:58:08 GMT
gtm.js
www.googletagmanager.com/ 		279 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPQNZ6
Requested by
Host: aktywnaodzaraz.pl
URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25be9a2693afaac52f24d4b879312c9b887934d40e13b1bf8a468e50bec33077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 08:58:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67833
x-xss-protection
0
last-modified
Sun, 27 Dec 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 27 Dec 2020 08:58:08 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPQNZ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4054
date
Sun, 27 Dec 2020 07:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 27 Dec 2020 09:50:34 GMT
collect
www.google-analytics.com/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=320244106&t=event&ni=1&_s=1&dl=https%3A%2F%2Faktywnaodzaraz.pl%2Fwp-content%2Fuploads%2FSpotify%2F&ul=en-us&de=UTF-8&dt=Spotify%C2%A0Premium&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=cookies-banner&ea=display&_u=YEBAAAABAAAAAC~&jid=1897375630&gjid=1722472201&cid=2103031023.1609059489&tid=UA-417097-17&_gid=721506346.1609059489&_r=1&gtm=2wgbu0PPQNZ6&cd1=(not%20set)&cd3=BE&cd5=https%3A%2F%2Faktywnaodzaraz.pl%2Fwp-content%2Fuploads%2FSpotify%2F&cd6=logged&cd7=&cd8=1&cd9=2103031023.1609059489&z=1848744408
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Dec 2020 08:58:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://aktywnaodzaraz.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spotify (Online)

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| TypeValidator object| type_validator function| FieldValidator object| field_validator function| Modal object| global_window function| listen_field_change function| showComponent function| hideComponent function| isButtonLocked function| lockButton function| unlockButton function| log function| ResponsiveHelper object| responsive_helper function| registerOnResizeCallback function| $ function| jQuery object| adyen number| n function| AdyenCheckout string| _a$checkoutShopperUrl string| _a$hppUrl object| core object| __core-js_shared__ undefined| checkout_cb function| FormTesterCb object| form_tester_cb function| handleOnChangeCb function| challengeShopperValidation function| fingerprintValidation function| displayModal3DS2 function| handleResponse undefined| checkout_amex function| FormTesterAmex object| form_tester_amex function| handleOnChangeAmex function| FormTesterPaypal object| form_tester_paypal function| FormTesterBancontactrecurring object| form_tester_bancontactrecurring function| showMopItem function| hideMopItem object| all_submit_buttons function| lockSubmitButtons function| unlockSubmitButtons function| ErrorMessage function| getAllAttributesOfElem function| getAttributesByData function| getAttributesBeginWith function| filterArrayByKeyName function| pay function| notnb_box_open string| page number| change_mop function| delegate_tracking_action function| delegate_links object| USER string| COUNTRY number| OFFER_ID number| SUB object| dataLayer object| google_tag_manager function| postscribe object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Domain/Path Name / Value
.aktywnaodzaraz.pl/ Name: _gat_UA-417097-17
Value: 1
.aktywnaodzaraz.pl/ Name: _gid
Value: GA1.2.721506346.1609059489
.aktywnaodzaraz.pl/ Name: _ga
Value: GA1.2.2103031023.1609059489

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aktywnaodzaraz.pl
cdns-images.dzcdn.net
checkoutshopper-live.adyen.com
encrypted-tbn2.gstatic.com
payment-files.deezer.com
rebrand.ly
seal.websecurity.norton.com
www.google-analytics.com
www.googletagmanager.com
184.30.218.27
193.67.130.68
2.16.186.75
2a00:1450:4001:802::200e
2a00:1450:4001:808::2008
2a00:1450:4001:820::200e
5.252.230.141
54.81.48.211
78.40.123.151
04e0ac12ba35b16e563908bb758545766a0f0fa0f9d64dc69ae1882d50081f59
25be9a2693afaac52f24d4b879312c9b887934d40e13b1bf8a468e50bec33077
3868dd451a4999521c033f2781fd2d9e94cfa823fe09505355e55b6804f0a3c4
61c260b4be6ad5ef0bdd756f19e5e12da7eb384cbd2b2ee81e3abe4cfaa1d5be
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79ecd961722e9ca6b8577a142650fe847fb8ac09dc672473fc282e6c42781720
a80c88b5d592f1e3871e2edd9318d2e885a7f9c6f3fa006ec4ed233781bdea60
b10d6b7e960f5854c07adc24e2e7be79ac2c2fb042f6bbf4719249497c348a2e
b9e0699272a5df7a51862b402ac6294d8d20993e67588001b8b44bfeb5438a6a
bb807cd3b9903a753407ec9d82c403490bad87e9b707458b7d0e7f165277cd2c
c5f483b117f7eb2a3268d6249ceae058c4054c47679ad4ab5acb7653a7c4ab6b
ca7e3a901a4c83f8367599f43c69147481f7880817e9215cd7090d3901613350
d964a2104d3fd73bfe8260ef8d65ea5c888861190ee851e999d31f5db82e74f7
d9bf89869cc472914c0176566ba4cf962e69666db03d0c602f7699e251e82ac1
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f0dde300e2c0014e265fdc2e3c7e2c56b68107ef4066ad6406705ff043cd96ba
f527b4180b5375971120ef69905f8e0d7a98afb93c6050f8589a289e8308868b
f780314727b07b63064d3408c8595ce7954fd9ce1b3d82c65c4237360775f01d