domy.krosniewice.eu
185.200.47.197
Malicious Activity!
Public Scan
Submission: On June 17 via api from US — Scanned from PL
Summary
TLS certificate: Issued by E6 on June 17th 2024. Valid for: 3 months.
This is the only time domy.krosniewice.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
9 | 185.200.47.197 | 50599 (Autonomous System for Data Space Sp. z o.o.)
4 | 151.101.193.229 | 54113 (FASTLY)
3 | 89.40.144.178 | 50599 (Autonomous System for Data Space Sp. z o.o.)
2 | 157.240.252.13 | 32934 (FACEBOOK)
1 | 104.17.25.14 | 13335 (CLOUDFLARENET)
1 | 3.160.150.18 | 16509 (AMAZON-02)
1 | 18.66.112.121 | 16509 (AMAZON-02)
- ASN50599 (Autonomous System for Data Space Sp. z o.o., PL), PTR: host-18520047197.seohost-mail.eu, serving domy.krosniewice.eu
- ASN50599 (Autonomous System for Data Space Sp. z o.o., PL), PTR: host-8940144178.seohost-mail.eu, serving 1z4.net
- ASN32934 (FACEBOOK, US), PTR: xx-fbcdn-shv-01-fra3.fbcdn.net, serving connect.facebook.net
- ASN16509 (AMAZON-02, US), PTR: server-3-160-150-18.fra60.r.cloudfront.net, serving cdn.intum.com
- ASN16509 (AMAZON-02, US), PTR: server-18-66-112-121.fra56.r.cloudfront.net, serving assets.sugester.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | krosniewice.eu | domy.krosniewice.eu | 2 MB
4 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 373) | 192 KB
3 | 1z4.net | 1z4.net | 39 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 205) | 90 KB
1 | sugester.com | assets.sugester.com | 3 KB
1 | intum.com | cdn.intum.com | 7 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 265) | 27 KB
0 | googleapis.com | fonts.googleapis.com (Failed) | 
Requests | Domain | Requested by
---|---|---
9 | domy.krosniewice.eu | domy.krosniewice.eu
4 | cdn.jsdelivr.net | domy.krosniewice.eu, cdn.jsdelivr.net
3 | 1z4.net | domy.krosniewice.eu
2 | connect.facebook.net | domy.krosniewice.eu, connect.facebook.net
1 | assets.sugester.com | domy.krosniewice.eu
1 | cdn.intum.com | domy.krosniewice.eu
1 | cdnjs.cloudflare.com | domy.krosniewice.eu
0 | fonts.googleapis.com (Failed) | domy.krosniewice.eu
This site contains links to these domains. Also see Links.
- domyzkeramzytu.com.pl
- sugester.pl
- krosniewice.eu
- had.pl
Subject | Issuer | Validity | Valid
---|---|---|---
krosniewice.eu | E6 | 2024-06-17 - 2024-09-15 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
1z4.net | R3 | 2024-05-05 - 2024-08-03 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-26 - 2024-06-24 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
*.intum.com | Amazon RSA 2048 M02 | 2023-08-02 - 2024-08-29 | a year
*.sugester.com | Amazon RSA 2048 M02 | 2024-05-16 - 2025-06-13 | a year
This page contains 1 frame:
Primary Page:
https://domy.krosniewice.eu/
Frame ID: 8DD66B551A153C843F9944EE04485D89
Requests: 24 HTTP requests in this frame
Page Title: Budowa Domów Krośniewice - MyQu.be
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns:
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets)
Detected patterns:
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Font API (Font Scripts)
Detected patterns:
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns:
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns:
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Szczegóły oferty
- Title: Szczegóły oferty
- Title: Szczegóły oferty
- Title: powered by Sugester Forms
- Title: Krośniewice
- Title: H&D Interactive
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | domy.krosniewice.eu/ | 31 KB | 5 KB | Document | text/html
GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ | 160 KB | 26 KB | Stylesheet | text/css
GET | H2 | style.css | 1z4.net/_data/bs/css/ | 119 KB | 13 KB | Stylesheet | text/css
GET | H2 | bootstrap-icons.css | cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/ | 96 KB | 14 KB | Stylesheet | text/css
GET | | css2 | fonts.googleapis.com/ | 0 | 0 | | 
GET | H2 | sdk.js | connect.facebook.net/pl_PL/ | 3 KB | 4 KB | Script | application/x-javascript
GET | H2 | logo.png | domy.krosniewice.eu/_data/img/logo/ | 6 KB | 6 KB | Image | image/png
GET | H2 | wnetrze-domu-z-keramzytu.jpg | domy.krosniewice.eu/_data/img/ | 66 KB | 66 KB | Image | image/jpeg
GET | H2 | keram-smart.jpg | domy.krosniewice.eu/_data/img/ | 478 KB | 479 KB | Image | image/jpeg
GET | H2 | keram-eko.jpg | domy.krosniewice.eu/_data/img/ | 565 KB | 565 KB | Image | image/jpeg
GET | H2 | keram-maxi.jpg | domy.krosniewice.eu/_data/img/ | 516 KB | 516 KB | Image | image/jpeg
GET | H2 | korzysci-z-domow-keramzytowych.jpg | domy.krosniewice.eu/_data/img/ | 49 KB | 49 KB | Image | image/jpeg
GET | H2 | dlaczego-wybierac-keramzyt.jpg | domy.krosniewice.eu/_data/img/ | 65 KB | 65 KB | Image | image/jpeg
GET | H3 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ | 84 KB | 27 KB | Script | application/javascript
GET | H2 | form.js | cdn.intum.com/0/h/hadimperium/form/7ZzgOttfEq1aaLsgdu/ | 23 KB | 7 KB | Script | application/javascript
GET | H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ | 76 KB | 24 KB | Script | application/javascript
GET | H2 | script-1.0.min.js | 1z4.net/_data/bs/js/ | 48 KB | 11 KB | Script | application/javascript
GET | H3 | hero.jpg | domy.krosniewice.eu/_data/img/ | 121 KB | 121 KB | Image | image/jpeg
GET | DATA | truncated | / | 99 B | 0 | Image | image/png
GET | H2 | bootstrap-icons.woff2 | cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/fonts/ | 128 KB | 128 KB | Font | font/woff2
GET | H2 | sdk.js | connect.facebook.net/pl_PL/ | 299 KB | 86 KB | Script | application/x-javascript
GET | H2 | progress_bar-67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da.gif | assets.sugester.com/assets/ | 3 KB | 3 KB | Image | image/gif
GET | DATA | truncated | / | 266 B | 0 | Image | image/svg+xml
GET | H2 | favicon.ico | 1z4.net/_data/bs/favicon/D/ | 15 KB | 15 KB | Other | image/x-icon
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: fonts.googleapis.com
- URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=&display=swap
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Office 365 (Online)
89 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.