disneyplus.lillbjorkensbyggeri.se Open in urlscan Pro
46.30.213.42 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://disneyplus.lillbjorkensbyggeri.se/
Submission: On March 16 via manual (March 16th 2024, 6:56:47 pm UTC) from IL — Scanned from SE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 46.30.213.42, located in Copenhagen, Denmark and belongs to ONECOM, DK. The main domain is disneyplus.lillbjorkensbyggeri.se.

This is the only time disneyplus.lillbjorkensbyggeri.se was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Disney (Entertainment)

Domain & IP information

	IP Address		AS Autonomous System
8	46.30.213.42 46.30.213.42		51468 (ONECOM) (ONECOM)
8	1

8 46.30.213.42 (Copenhagen, Denmark)

ASN51468 (ONECOM, DK)
PTR: webcluster2.webpod12-cph3.one.com

disneyplus.lillbjorkensbyggeri.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lillbjorkensbyggeri.se disneyplus.lillbjorkensbyggeri.se	165 KB
8	1

	Domain	Requested by
8	disneyplus.lillbjorkensbyggeri.se	disneyplus.lillbjorkensbyggeri.se
8	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://disneyplus.lillbjorkensbyggeri.se/
Frame ID: 6468DD62DEE1E68B566CD8A4AC9DA54E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Einloggen | Disney+

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

165 kB
Transfer

483 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response disneyplus.lillbjorkensbyggeri.se/	7 KB 3 KB	91ms 43ms	Document text/html	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Full URL http://disneyplus.lillbjorkensbyggeri.se/ Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / PHP/8.0.30 Resource Hash `99cb8843b8f5fefe4d134bee9e8d579dfb26acfcbac0a7fc81332a84d4fa84bb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language se-SE,se;q=0.9 Response headers Accept-Ranges bytes Age 0 Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Content-Encoding gzip Content-Length 2143 Content-Type text/html; charset=UTF-8 Date Sat, 16 Mar 2024 18:56:43 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache Vary Accept-Encoding Via 1.1 webcache2 (Varnish/trunk) X-Powered-By PHP/8.0.30 X-Varnish 10477914131
GET H/1.1	200 OK	app_styles_bundle.css disneyplus.lillbjorkensbyggeri.se/style/	298 KB 41 KB	47ms 46ms	Stylesheet text/css	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Full URL http://disneyplus.lillbjorkensbyggeri.se/style/app_styles_bundle.css Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/ Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8` Request headers accept-language se-SE,se;q=0.9 Referer http://disneyplus.lillbjorkensbyggeri.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Content-Encoding gzip Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "4a835-5d7b45dd6da00-gzip" Vary Accept-Encoding Content-Type text/css X-Varnish 10477914133 Connection keep-alive Accept-Ranges bytes Content-Length 41140
GET H/1.1	200 OK	main.css disneyplus.lillbjorkensbyggeri.se/style/	29 KB 4 KB	76ms 39ms	Stylesheet text/css	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Full URL http://disneyplus.lillbjorkensbyggeri.se/style/main.css Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/ Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f` Request headers accept-language se-SE,se;q=0.9 Referer http://disneyplus.lillbjorkensbyggeri.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Content-Encoding gzip Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "749c-5d7b45dd6da00-gzip" Vary Accept-Encoding Content-Type text/css X-Varnish 10497700945 Connection keep-alive Accept-Ranges bytes Content-Length 3995
GET H/1.1	200 OK	react.css disneyplus.lillbjorkensbyggeri.se/style/	40 KB 8 KB	76ms 39ms	Stylesheet text/css	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Full URL http://disneyplus.lillbjorkensbyggeri.se/style/react.css Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/ Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca` Request headers accept-language se-SE,se;q=0.9 Referer http://disneyplus.lillbjorkensbyggeri.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Content-Encoding gzip Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "9ea8-5d7b45dd6da00-gzip" Vary Accept-Encoding Content-Type text/css X-Varnish 10451240660 Connection keep-alive Accept-Ranges bytes Content-Length 7437
GET H/1.1	200 OK	icon-loader-32@3x.png disneyplus.lillbjorkensbyggeri.se/img/	4 KB 5 KB	75ms 37ms	Image image/png	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Show image Full URL http://disneyplus.lillbjorkensbyggeri.se/img/icon-loader-32@3x.png Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/ Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d` Request headers accept-language se-SE,se;q=0.9 Referer http://disneyplus.lillbjorkensbyggeri.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "11d7-5d7b45dd6da00" X-Varnish 10570437865 Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4567
GET H/1.1	200 OK	logo.svg disneyplus.lillbjorkensbyggeri.se/img/ico/	7 KB 7 KB	77ms 39ms	Image image/svg+xml	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Show image Full URL http://disneyplus.lillbjorkensbyggeri.se/img/ico/logo.svg Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/ Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554` Request headers accept-language se-SE,se;q=0.9 Referer http://disneyplus.lillbjorkensbyggeri.se/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "1b3d-5d7b45dd6da00" X-Varnish 10561524380 Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 6973
GET H/1.1	200 OK	Avenir-Heavy-05.woff disneyplus.lillbjorkensbyggeri.se/fonts/	56 KB 56 KB	40ms 39ms	Font application/font-woff	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Full URL http://disneyplus.lillbjorkensbyggeri.se/fonts/Avenir-Heavy-05.woff Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/style/main.css Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631` Request headers Referer http://disneyplus.lillbjorkensbyggeri.se/style/main.css Origin http://disneyplus.lillbjorkensbyggeri.se accept-language se-SE,se;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "df50-5d7b45dd6da00" X-Varnish 10392826692 Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 57168
GET H/1.1	200 OK	Avenir-Roman-12.woff disneyplus.lillbjorkensbyggeri.se/fonts/	42 KB 42 KB	38ms 38ms	Font application/font-woff	46.30.213.42 ONECOM
General Check archive.org Show headers Download Go to Full URL http://disneyplus.lillbjorkensbyggeri.se/fonts/Avenir-Roman-12.woff Requested by Host: disneyplus.lillbjorkensbyggeri.se URL: http://disneyplus.lillbjorkensbyggeri.se/style/main.css Protocol HTTP/1.1 Server 46.30.213.42 Copenhagen, Denmark, ASN51468 (ONECOM, DK), Reverse DNS webcluster2.webpod12-cph3.one.com Software Apache / Resource Hash `4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf` Request headers Referer http://disneyplus.lillbjorkensbyggeri.se/style/main.css Origin http://disneyplus.lillbjorkensbyggeri.se accept-language se-SE,se;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Sat, 16 Mar 2024 18:56:43 GMT Via 1.1 webcache2 (Varnish/trunk) Last-Modified Fri, 11 Feb 2022 01:55:52 GMT Server Apache Age 0 ETag "a868-5d7b45dd6da00" X-Varnish 10565521757 Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 43112

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Disney (Entertainment)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			disneyplus.lillbjorkensbyggeri.se/	1969-12-31 23:59:59	Name: PHPSESSID Value: 755a071f7d96f2b5bc7dabc6acb2d2d4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

disneyplus.lillbjorkensbyggeri.se
46.30.213.42
0029f1286a69af2513ce3bc9b9818f73b1dae86d6e69e6190e32e8ceb20404d8
1920ca5153bc2ae87e17795a12ac5835113513b922c95d0bf44ee026200b8631
23248741c76ca3d003122a50aacffd608d0d568c7048b296ef73a1ec1ca59c5d
4442cba812240f56b7adde799c1a97c7970875d0d01cbf1c5667e25c6beed2cf
5acc14f1488930083712f8ed8aa2a253d377a7b46112509ab3b6fdea19908aca
6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554
7f969dfd78c9a121df069f10e78d4b6072b83276a27f0908041db9a2fb46967f
99cb8843b8f5fefe4d134bee9e8d579dfb26acfcbac0a7fc81332a84d4fa84bb

disneyplus.lillbjorkensbyggeri.se Open in urlscan Pro 46.30.213.42 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

165 kBTransfer

483 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

disneyplus.lillbjorkensbyggeri.se Open in urlscan Pro
46.30.213.42 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

165 kB
Transfer

483 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!