aktywnaodzaraz.pl
5.252.230.141
Malicious Activity!
Public Scan
Effective URL: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Submission: On December 27 via manual from HU
Summary
TLS certificate: Issued by www.lh.pl on October 8th 2020. Valid for: a year.
This is the only time aktywnaodzaraz.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spotify (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 54.81.48.211 | 14618 (AMAZON-AES)
5 | 5.252.230.141 | 203417 (LH)
2 | 193.67.130.68 | 200596 (ADYEN)
9 | 78.40.123.151 | 39605 (IGUANESOLUTIONS)
1 | 184.30.218.27 | 20940 (AKAMAI-ASN1)
1 | 2.16.186.75 | 20940 (AKAMAI-ASN1)
1 | 2a00:1450:4001:802::200e | 15169 (GOOGLE)
1 | 2a00:1450:4001:808::2008 | 15169 (GOOGLE)
2 | 2a00:1450:4001:820::200e | 15169 (GOOGLE)
Total: 22 | 8 |
- ASN14618 (AMAZON-AES, US), PTR: ec2-54-81-48-211.compute-1.amazonaws.com: rebrand.ly
- ASN39605 (IGUANESOLUTIONS, FR), PTR: blm-vippay-01.ig-1.net: payment-files.deezer.com
- ASN20940 (AKAMAI-ASN1, NL), PTR: a184-30-218-27.deploy.static.akamaitechnologies.com: seal.websecurity.norton.com
- ASN20940 (AKAMAI-ASN1, NL), PTR: a2-16-186-75.deploy.static.akamaitechnologies.com: cdns-images.dzcdn.net
- ASN15169 (GOOGLE, US): encrypted-tbn2.gstatic.com
- ASN15169 (GOOGLE, US): www.googletagmanager.com
- ASN15169 (GOOGLE, US): www.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | deezer.com | payment-files.deezer.com | 260 KB
5 | aktywnaodzaraz.pl | aktywnaodzaraz.pl | 52 KB
2 | google-analytics.com | www.google-analytics.com | 19 KB
2 | adyen.com | checkoutshopper-live.adyen.com | 96 KB
1 | googletagmanager.com | www.googletagmanager.com | 67 KB
1 | gstatic.com | encrypted-tbn2.gstatic.com | 1 KB
1 | dzcdn.net | cdns-images.dzcdn.net | 1 KB
1 | norton.com | seal.websecurity.norton.com | 217 B
1 | rebrand.ly | rebrand.ly (1 redirect) | 330 B
Total: 22 | 9 | |
Requests | Domain | Requested by
---|---|---
9 | payment-files.deezer.com | aktywnaodzaraz.pl, payment-files.deezer.com
5 | aktywnaodzaraz.pl | aktywnaodzaraz.pl
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | checkoutshopper-live.adyen.com | aktywnaodzaraz.pl
1 | www.googletagmanager.com | aktywnaodzaraz.pl
1 | encrypted-tbn2.gstatic.com | aktywnaodzaraz.pl
1 | cdns-images.dzcdn.net | aktywnaodzaraz.pl
1 | seal.websecurity.norton.com | aktywnaodzaraz.pl
1 | rebrand.ly | 1 redirect
Total: 22 | 9 |
This site contains links to these domains. Also see Links.
Domain
---
www.symantec.com
support.deezer.com
TLS certificates
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
aktywnaodzaraz.pl | www.lh.pl | 2020-10-08 - 2021-10-08 | a year | crt.sh
*.adyen.com | Thawte TLS RSA CA G1 | 2020-01-08 - 2022-04-08 | 2 years | crt.sh
*.deezer.com | Gandi Pro SSL CA 2 | 2019-07-31 - 2021-08-05 | 2 years | crt.sh
seal.websecurity.norton.com | DigiCert SHA2 Extended Validation Server CA | 2020-03-23 - 2022-04-03 | 2 years | crt.sh
cdn-content.dzcdn.net | Let's Encrypt Authority X3 | 2020-10-22 - 2021-01-20 | 3 months | crt.sh
*.gstatic.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months | crt.sh
*.google-analytics.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months | crt.sh
This page contains 1 frame:
Primary Page: https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/
Frame ID: C8EFC0A3EFE091B79F998CECFE3FEBDE
Requests: 22 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://rebrand.ly/polan (HTTP 301)
- https://aktywnaodzaraz.pl/wp-content/uploads/Spotify/ (Page URL)
Detected technologies
- Bootstrap (Web Frameworks). Detected pattern (html): /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- Apache (Web Servers). Detected pattern (headers, server): /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- Google Analytics (Analytics). Detected pattern (script): /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
- Title: À propos des certificats SSL (French: "About SSL certificates")
- Title: consultez notre FAQ (French: "see our FAQ")
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | aktywnaodzaraz.pl/wp-content/uploads/Spotify/ (Redirect Chain) | 195 KB | 52 KB | Document | text/html
GET | H/1.1 | adyen.css | checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.2.0/ | 31 KB | 6 KB | Stylesheet | text/css
GET | H/1.1 | bootstrap.css | payment-files.deezer.com/v2/css/sass_c/ | 29 KB | 5 KB | Stylesheet | text/css
GET | H/1.1 | styles.ltr.css | payment-files.deezer.com/v2/css/sass_c/ | 92 KB | 10 KB | Stylesheet | text/css
GET | H/1.1 | getseal | seal.websecurity.norton.com/ | 13 B | 217 B | Script | text/javascript
GET | H2 | 50x50.jpg | cdns-images.dzcdn.net/images/user/215ff2502e9ffdc9adc1015285764c94/ | 816 B | 1 KB | Image | image/jpeg
GET | H2 | xvx.js | aktywnaodzaraz.pl/wp-content/uploads/Spotify/js/ | 0 | 0 | Script | text/html
GET | H2 | xvx.js | aktywnaodzaraz.pl/wp-content/uploads/Spotify/ | 0 | 0 | Script | text/html
GET | H2 | images | encrypted-tbn2.gstatic.com/ | 686 B | 1 KB | Image | image/png
GET | H/1.1 | adyen.cardtype.min.js | payment-files.deezer.com/v2/js/ | 11 KB | 4 KB | Script | application/javascript
GET | H/1.1 | adyen.encrypt.min.js | payment-files.deezer.com/v2/js/ | 107 KB | 38 KB | Script | application/javascript
GET | H/1.1 | adyen.js | checkoutshopper-live.adyen.com/checkoutshopper/sdk/3.2.0/ | 406 KB | 90 KB | Script | text/javascript
GET | H/1.1 | secured.png | payment-files.deezer.com/v2/img/ | 415 B | 776 B | Image | image/png
GET | H/1.1 | logos-se0586fca0b.png | payment-files.deezer.com/v2/img/compass/sprites/ | 164 KB | 164 KB | Image | image/png
GET | H/1.1 | deezer-icons.woff | payment-files.deezer.com/v2/fonts/deezer-icons/ | 4 KB | 4 KB | Font | application/font-woff
GET | H/1.1 | open-sans.woff | payment-files.deezer.com/v2/fonts/open-sans/ | 34 KB | 34 KB | Font | application/font-woff
GET | H2 | xvx.js | aktywnaodzaraz.pl/wp-content/uploads/Spotify/js/ | 0 | 0 | Script | text/html
GET | H2 | xvx.js | aktywnaodzaraz.pl/wp-content/uploads/Spotify/ | 0 | 0 | Script | text/html
GET | H/1.1 | devices.png | payment-files.deezer.com/v2/img/ | 753 B | 1 KB | Image | image/png
GET | H2 | gtm.js | www.googletagmanager.com/ | 279 KB | 67 KB | Script | application/javascript
GET | H2 | analytics.js | www.google-analytics.com/ | 46 KB | 18 KB | Script | text/javascript
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 1 B | 69 B | XHR | text/plain
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Spotify (Online)
79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.aktywnaodzaraz.pl/ | | _gat_UA-417097-17 | 1
.aktywnaodzaraz.pl/ | | _gid | GA1.2.721506346.1609059489
.aktywnaodzaraz.pl/ | | _ga | GA1.2.2103031023.1609059489
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.