urlscan.io logo urlscan.io
SecurityTrails logo

aktywujpilnie.life Open in urlscan Pro
51.195.115.248  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://aktywujpilnie.life/l/osobiste2/ebanking
Submission: On July 24 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 51.195.115.248, located in France and belongs to OVH, FR. The main domain is aktywujpilnie.life.
TLS certificate: Issued by R11 on July 23rd 2024. Valid for: 3 months.
This is the only time aktywujpilnie.life was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank Millenium (Banking)

Domain & IP information

IP Address AS Autonomous System
9 51.195.115.248 16276 (OVH)
10 2
Apex Domain
Subdomains		 Transfer
9 aktywujpilnie.life
aktywujpilnie.life
986 KB
10 1
Domain Requested by
9 aktywujpilnie.life aktywujpilnie.life
10 1

This site contains no links.

Subject Issuer Validity Valid
aktywujpilnie.life
R11		 2024-07-23 -
2024-10-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://aktywujpilnie.life/l/osobiste2/ebanking
Frame ID: 592D6A6D91B1D64708DEDFA050370247
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bank Millennium

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1008 kB
Transfer

2934 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ebanking
aktywujpilnie.life/l/osobiste2/ 		154 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/l/osobiste2/ebanking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e160f05c40b878fd8af9e11d93662d5a333aeb2538284e3394df067efaeea8e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
38621
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Jul 2024 10:03:42 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
style.css
aktywujpilnie.life/public/millennium/ 		2 MB
856 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/public/millennium/style.css
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/l/osobiste2/ebanking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
7aa36655436ecf9ef429a988adfbddb7cc4895985b98e9bb0c09ac3e74795a38

Request headers

Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 24 Jul 2024 10:03:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 00:53:16 GMT
Server
Apache/2.4.52 (Ubuntu)
ETag
"244871-604195a4db700-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
loader.css
aktywujpilnie.life/public/millennium/ 		782 B
664 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/public/millennium/loader.css
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/l/osobiste2/ebanking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e22a3edcb712a56b1449d54786a01b6caf6bf66d2f176a58fc1a923ccf55739e

Request headers

Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 24 Jul 2024 10:03:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2023 00:31:16 GMT
Server
Apache/2.4.52 (Ubuntu)
ETag
"30e-604190ba01d00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
328
jquery-3.6.0.js
aktywujpilnie.life/public/ 		282 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/public/jquery-3.6.0.js
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/l/osobiste2/ebanking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
Origin
https://aktywujpilnie.life
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 24 Jul 2024 10:03:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Jan 2024 10:47:38 GMT
Server
Apache/2.4.52 (Ubuntu)
ETag
"46744-60f4a3563e680-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
main.js
aktywujpilnie.life/public/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/public/main.js
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/l/osobiste2/ebanking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
3b76be9b59efb1c7713b428e1e164a9f3c8109fdbcd59ab0c55b24ae61c2670a

Request headers

Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 24 Jul 2024 10:03:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jun 2024 09:50:08 GMT
Server
Apache/2.4.52 (Ubuntu)
ETag
"f9c-61a217ddad400-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1169
loader.js
aktywujpilnie.life/public/millennium/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/public/millennium/loader.js
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/l/osobiste2/ebanking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
a3b80960e314286cfd41e423dc0aa6b7f5231a6704ef55cda36b057accce71ab

Request headers

Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 24 Jul 2024 10:03:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Jul 2024 20:54:08 GMT
Server
Apache/2.4.52 (Ubuntu)
ETag
"3d9c-61cc29d445c00-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4497
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb0059e1aa177fc2cd1b0a1fb3ffa283a60b13ee985e400b00a6791adf28d3f7

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
436609738417e32a22105cf07cadebabde9df366054b20540e135eb6599ef144

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ 		120 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb0bffd47922159e87187dc610673bb4ed9017418cc8cb0df27a2de2b1b963b2

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/jpeg
truncated
/ 		772 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1d0045e9752a20ce7ffba184629eeccb44e78132880f8c8a1396b0963b582c

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		909 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
986d73c1b24533e0f5405bc8372cce56ea885616411a0b3af192b5d744601ce5

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		589 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34f12c8ef0db6c1ea171d122e7b078fcafc74383ed81db49cd37d69d3563f4bb

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abd1ea40ea4c6d7122880df485f07ad8196de82eebdfbc8a5a244b79cefd1987

Request headers

Referer
Origin
https://aktywujpilnie.life
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
application/font-woff
get
aktywujpilnie.life/page/ 		387 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/page/get
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/public/jquery-3.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
c2b1eaa60dc41ef1853330d2de4a70a5d870d10b0a120713e79d93b32ece7df8

Request headers

Accept
*/*
Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 10:03:45 GMT
Content-Encoding
gzip
Server
Apache/2.4.52 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
204
Expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
aktywujpilnie.life/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/heartbeat
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/public/jquery-3.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 10:03:47 GMT
Server
Apache/2.4.52 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
aktywujpilnie.life/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aktywujpilnie.life/heartbeat
Requested by
Host: aktywujpilnie.life
URL: https://aktywujpilnie.life/public/jquery-3.6.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.195.115.248 , France, ASN16276 (OVH, FR),
Reverse DNS
striptom.xyz
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://aktywujpilnie.life/l/osobiste2/ebanking
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 24 Jul 2024 10:03:48 GMT
Server
Apache/2.4.52 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
heartbeat
aktywujpilnie.life/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aktywujpilnie.life
URL
https://aktywujpilnie.life/heartbeat

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank Millenium (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| convertPage function| setToLoading function| landingHeartbeat function| heartbeat function| setImageData function| submitData function| waitForDirections function| updatePage function| customLoadParams

1 Cookies

Domain/Path Name / Value
aktywujpilnie.life/ Name: PHPSESSID
Value: dlsi7of7rcv7svk7efcpadk11i