www.en.clean.db24.cdnstreamkey.dk
Open in
urlscan Pro
168.119.150.59
Malicious Activity!
Public Scan
Submission: On March 22 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.
This is the only time www.en.clean.db24.cdnstreamkey.dk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Danske Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 168.119.150.59 168.119.150.59 | 24940 (HETZNER-AS) (HETZNER-AS) | |
4 | 2a04:4e42:200... 2a04:4e42:200::485 | 54113 (FASTLY) (FASTLY) | |
1 | 18.238.80.99 18.238.80.99 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a04:4e42::729 2a04:4e42::729 | 54113 (FASTLY) (FASTLY) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80d::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 7 |
ASN24940 (HETZNER-AS, DE)
PTR: pro06.azehosting.net
www.en.clean.db24.cdnstreamkey.dk |
ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-99.jfk52.r.cloudfront.net
player.live-video.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
cdnstreamkey.dk
www.en.clean.db24.cdnstreamkey.dk |
6 KB |
4 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437 |
90 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
792 B |
1 |
gstatic.com
fonts.gstatic.com |
24 KB |
1 |
zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 8209 |
13 KB |
1 |
live-video.net
player.live-video.net — Cisco Umbrella Rank: 50352 |
37 KB |
16 | 6 |
Domain | Requested by | |
---|---|---|
6 | www.en.clean.db24.cdnstreamkey.dk |
www.en.clean.db24.cdnstreamkey.dk
|
4 | cdn.jsdelivr.net |
www.en.clean.db24.cdnstreamkey.dk
|
2 | fonts.googleapis.com |
www.en.clean.db24.cdnstreamkey.dk
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | vjs.zencdn.net |
www.en.clean.db24.cdnstreamkey.dk
|
1 | player.live-video.net |
www.en.clean.db24.cdnstreamkey.dk
|
16 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.en.clean.db24.cdnstreamkey.dk R3 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
player.live-video.net Amazon RSA 2048 M02 |
2023-10-18 - 2024-11-13 |
a year | crt.sh |
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-03-06 - 2025-04-07 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.en.clean.db24.cdnstreamkey.dk/
Frame ID: D202DA61E152CACEDC4E2B101BBAB7F4
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
DB AGM 24 | StreamkeyDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
RightJS (JavaScript Frameworks) Expand
Detected patterns
- right\.js
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.en.clean.db24.cdnstreamkey.dk/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ |
227 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ |
79 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ |
59 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.11.1/font/ |
96 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
www.en.clean.db24.cdnstreamkey.dk/src/ |
4 KB 892 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
copyright.js
www.en.clean.db24.cdnstreamkey.dk/public/ |
525 B 196 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
www.en.clean.db24.cdnstreamkey.dk/src/ |
22 B 133 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amazon-ivs-player.min.js
player.live-video.net/1.18.0/ |
145 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-js.css
vjs.zencdn.net/8.11.1/ |
51 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
www.en.clean.db24.cdnstreamkey.dk/public/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
poster.svg
www.en.clean.db24.cdnstreamkey.dk/public/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
761 B 792 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d5838d81-0f1c-4704-ad87-404333588ae2
https://www.en.clean.db24.cdnstreamkey.dk/ |
82 B 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
242 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Danske Bank (Banking)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| uidEvent object| bootstrap boolean| isMuted object| IVSPlayer object| regeneratorRuntime0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
player.live-video.net
vjs.zencdn.net
www.en.clean.db24.cdnstreamkey.dk
168.119.150.59
18.238.80.99
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81f::2003
2a04:4e42:200::485
2a04:4e42::729
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2566dcb0230f1ae2412d24ade3f940e3e6a6b3b6ee40501711bf53abc19386a7
287d6a781638eac4a18df6ef7c0edc7c19d3c76c0a65d846b8d78432ca6efcd6
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
465017b2d605d5c4827ff578c51789767dc1bd676601dac1448adcfe3e00023c
60c6bec0033a424572cfdf7da1d5fb94f4719286006a7f2cb9e76ee24d99babf
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
869f34a688431b0cb0133b5e22cc2ef5e9750450dbf2e40c702c2af8bd5e2706
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92e11fbc7753b5be23fd489ba4e09c0d62d0b8c64e466845b4534934c46c85d6
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
bb6fd8cd85394cb367e8ac58e47292f2d68eb288fa12fab68e65430a5ddfce48
ca90c4e6ebf97879d95e6df6cbd39c7684d833709e33ce2c2bac4a1f88da3d99
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d98fe5d4de4dc4af02ad82497ccedd44d5b4b1e2faf3cc9e64ca5ec191872277
de02a2bcff3e3d3e1d637c8d37b72f5d745e55afaf70fa31f16f61bf03881b50