disneyplus.lillbjorkensbyggeri.se
Open in
urlscan Pro
46.30.213.42
Malicious Activity!
Public Scan
Submission: On March 16 via manual from IL — Scanned from SE
Summary
This is the only time disneyplus.lillbjorkensbyggeri.se was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Disney (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 46.30.213.42 46.30.213.42 | 51468 (ONECOM) (ONECOM) | |
8 | 1 |
ASN51468 (ONECOM, DK)
PTR: webcluster2.webpod12-cph3.one.com
disneyplus.lillbjorkensbyggeri.se |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
lillbjorkensbyggeri.se
disneyplus.lillbjorkensbyggeri.se |
165 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
8 | disneyplus.lillbjorkensbyggeri.se |
disneyplus.lillbjorkensbyggeri.se
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://disneyplus.lillbjorkensbyggeri.se/
Frame ID: 6468DD62DEE1E68B566CD8A4AC9DA54E
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
disneyplus.lillbjorkensbyggeri.se/ |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_styles_bundle.css
disneyplus.lillbjorkensbyggeri.se/style/ |
298 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
disneyplus.lillbjorkensbyggeri.se/style/ |
29 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
react.css
disneyplus.lillbjorkensbyggeri.se/style/ |
40 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-loader-32@3x.png
disneyplus.lillbjorkensbyggeri.se/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
disneyplus.lillbjorkensbyggeri.se/img/ico/ |
7 KB 7 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Avenir-Heavy-05.woff
disneyplus.lillbjorkensbyggeri.se/fonts/ |
56 KB 56 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Avenir-Roman-12.woff
disneyplus.lillbjorkensbyggeri.se/fonts/ |
42 KB 42 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Disney (Entertainment)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
disneyplus.lillbjorkensbyggeri.se/ | Name: PHPSESSID Value: 755a071f7d96f2b5bc7dabc6acb2d2d4 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
disneyplus.lillbjorkensbyggeri.se
46.30.213.42
0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8
1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631
23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d
4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf
5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca
6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554
7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f
99cb8843b8f5fefe4d134bee9e8d579dfb26acfcbac0a7fc81332a84d4fa84bb