oym.gr Open in urlscan Pro
136.144.209.210 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://oym.gr/ECOVACS%20ROBOTICS/O365
Effective URL:
https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8...
Submission: On March 01 via api (March 1st 2021, 7:22:58 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 136.144.209.210, located in Eindhoven, Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is oym.gr.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 27th 2020. Valid for: 3 months.

This is the only time oym.gr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

	IP Address		AS Autonomous System
1 14	136.144.209.210 136.144.209.210		20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam)
19	2

14 136.144.209.210 (Eindhoven, Netherlands) 1 redirects

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: host.bclaike.eu

oym.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	oym.gr 1 redirects oym.gr	141 KB
0	grammarly.com Failed static.grammarly.com Failed
19	2

	Domain	Requested by
14	oym.gr	1 redirects oym.gr
0	static.grammarly.com Failed	oym.gr
19	2

This site contains no links.

Subject Issuer	Validity	Valid
oym.gr cPanel, Inc. Certification Authority	`2020-12-27` - `2021-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
Frame ID: 275CB59CFAEAE44F702077B535AEF85B
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://oym.gr/ECOVACS%20ROBOTICS/O365 HTTP 301
https://oym.gr/ECOVACS%20ROBOTICS/O365/ Page URL
https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Page Statistics

19
Requests

68 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

140 kB
Transfer

262 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://oym.gr/ECOVACS%20ROBOTICS/O365 HTTP 301
https://oym.gr/ECOVACS%20ROBOTICS/O365/ Page URL
https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://oym.gr/ECOVACS%20ROBOTICS/O365 HTTP 301
https://oym.gr/ECOVACS%20ROBOTICS/O365/

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
oym.gr/ECOVACS%20ROBOTICS/O365/
Redirect Chain

https://oym.gr/ECOVACS%20ROBOTICS/O365
https://oym.gr/ECOVACS%20ROBOTICS/O365/

201 B
447 B

119ms
118ms

Document
text/html

136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

dbea0c85f802807ebbf8a4614edb48817387143c6093a23b5ce46d7086aa9f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: oym.gr
:scheme: https
:path: /ECOVACS%20ROBOTICS/O365/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Mon, 01 Mar 2021 19:22:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: EXPIRED
x-server-powered-by: Engintron
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 01 Mar 2021 19:22:38 GMT
content-type: text/html; charset=iso-8859-1
content-length: 247
location: https://oym.gr/ECOVACS%20ROBOTICS/O365/
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron

GET
H2 200 Primary Request / Show response
oym.gr/ECOVACS%20ROBOTICS/O365/home/ 8 KB
2 KB 72ms
72ms Document
text/html 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

0f97bbfc53d9ee90f5d87b52ffc4d5eb838716ed63493100503c2989ba579bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

:method: GET
:authority: oym.gr
:scheme: https
:path: /ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/

Response headers

server: nginx
date: Mon, 01 Mar 2021 19:22:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=29da2f9b709070166c15c930a1a1eb8d; path=/
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip

GET
H2 200 main.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 23 KB
6 KB 16ms
14ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/main.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

f96b84492a2b5d4d79093c6182a9469e7a3e7994d6ebd1b213a022631f1fce87

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 deprecatedGuidelines.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 12 KB
3 KB 16ms
14ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/deprecatedGuidelines.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

6c762068da47767414b8ce1d70f784788ea5cd3c9016580cbf7c793b841e4cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 pageStyle.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 4 KB
1 KB 16ms
15ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/pageStyle.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

a8a651288f2b76da3aeb6b852b18aeb68eb791d02713c4b0b8e6f1140840e303

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 deprecatedFormInputs.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 12 KB
3 KB 23ms
21ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/deprecatedFormInputs.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

baa835336978397f8d305d5b364930c2b214aab573a4f4df99719b8e3550550e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 businessApproveAdminChange_businessApproveEmailChange_businessConfirmEmailChange_businessGetQuote_bu_9694083d.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 144 B
460 B 23ms
22ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/businessApproveAdminChange_businessApproveEmailChange_businessConfirmEmailChange_businessGetQuote_bu_9694083d.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

b933ae8bb710e40d6ef165e101cf72b2fcaa2e7031f2d77123c23d338bc9abff

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 144
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 signin.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 54 KB
8 KB 23ms
22ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/signin.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

253d5d7badcb59c615aea3d554e25eafd9f92d1e41ca870c2906efa072203408

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 11:13:46 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 newFunnelPageStyle.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 675 B
637 B 24ms
22ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/newFunnelPageStyle.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

399232a02a5a60aee12000ea4b9c7ef5ebba0a15fc621d61342d38fbd2484e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 404 newFunnelPageStyle.js.t%C3%A9l%C3%A9chargement
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 0
0 1802ms
1801ms Script
text/html 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/newFunnelPageStyle.js.t%C3%A9l%C3%A9chargement

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Xss-Protection	1, 1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff, nosniff
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://oym.gr/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1, 1; mode=block, 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 affiliatesTerms_businessAdminWelcome_businessCX_businessExperienceSurvey_businessHR_businessHome_bus_7ed9b741.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 3 KB
1 KB 23ms
22ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/affiliatesTerms_businessAdminWelcome_businessCX_businessExperienceSurvey_businessHR_businessHome_bus_7ed9b741.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

3d5db5158c5dea4dc74479939f022323a87c6a966b01c78c71eb00d4ac5364af

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 home.css
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 38 KB
7 KB 24ms
23ms Stylesheet
text/css 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/home.css

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

3c078de985687108da6433c87dbac5f11a1ddc3f9901d5285a03aab27a399f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:19:12 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Wed, 31 Mar 2021 19:22:38 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 plus.png
oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/ 106 KB
107 KB 15ms
15ms Image
image/png 136.144.209.210
TRANSIP-AS Amsterdam

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oym.gr/ECOVACS%20ROBOTICS/O365/home/plus/plus.png

Requested by

Host: oym.gr
URL: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

136.144.209.210 Eindhoven, Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),

Reverse DNS

host.bclaike.eu

Software

nginx /

Resource Hash

8e7f8f9e3317745759389b3d702bcce10654cd07521442426def69b4b06838bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://oym.gr/ECOVACS%20ROBOTICS/O365/home/?sslchannel=true&sessionid=Piyq5Levoxx8dO7r6cT2OlxwBG8Fo5ApR6EiBJU8ZQI82lPxoCtQDrAd8LmerwECye7xuzw7OZhZE2q3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 19:22:38 GMT
x-content-type-options: nosniff, nosniff
last-modified: Sun, 29 Nov 2020 09:31:34 GMT
server: nginx
content-type: image/png
expires: Fri, 30 Apr 2021 19:22:38 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 108992
x-xss-protection: 1; mode=block, 1; mode=block
x-nginx-upstream-cache-status: STALE

GET akkurat-regular.woff2
static.grammarly.com/assets/files/29e757590a24815b6170ac2fafab050d/ 0
0

GET akkurat-bold.woff2
static.grammarly.com/assets/files/98b3f0b5cff5d8fcaaa28cf31371a183/ 0
0

GET Inter-Regular.woff2
static.grammarly.com/assets/files/55c843b0b146c9d1db049e4751172fe1/ 0
0

GET Inter-Regular.woff
static.grammarly.com/assets/files/da83100fc42a3c359ae8e3038a4a5e90/ 0
0

GET akkurat-regular.woff
static.grammarly.com/assets/files/f00a7952f3956f7871056a1138c16fee/ 0
0

GET akkurat-bold.woff
static.grammarly.com/assets/files/0d13cf93e764d35b0c6c7ebabdf53d10/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.grammarly.com
URL: https://static.grammarly.com/assets/files/29e757590a24815b6170ac2fafab050d/akkurat-regular.woff2

Domain: static.grammarly.com
URL: https://static.grammarly.com/assets/files/98b3f0b5cff5d8fcaaa28cf31371a183/akkurat-bold.woff2

Domain: static.grammarly.com
URL: https://static.grammarly.com/assets/files/55c843b0b146c9d1db049e4751172fe1/Inter-Regular.woff2

Domain: static.grammarly.com
URL: https://static.grammarly.com/assets/files/da83100fc42a3c359ae8e3038a4a5e90/Inter-Regular.woff

Domain: static.grammarly.com
URL: https://static.grammarly.com/assets/files/f00a7952f3956f7871056a1138c16fee/akkurat-regular.woff

Domain: static.grammarly.com
URL: https://static.grammarly.com/assets/files/0d13cf93e764d35b0c6c7ebabdf53d10/akkurat-bold.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			oym.gr/	1969-12-31 23:59:59	Name: PHPSESSID Value: 29da2f9b709070166c15c930a1a1eb8d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oym.gr
static.grammarly.com
static.grammarly.com
136.144.209.210
0f97bbfc53d9ee90f5d87b52ffc4d5eb838716ed63493100503c2989ba579bd1
253d5d7badcb59c615aea3d554e25eafd9f92d1e41ca870c2906efa072203408
399232a02a5a60aee12000ea4b9c7ef5ebba0a15fc621d61342d38fbd2484e4a
3c078de985687108da6433c87dbac5f11a1ddc3f9901d5285a03aab27a399f0d
3d5db5158c5dea4dc74479939f022323a87c6a966b01c78c71eb00d4ac5364af
6c762068da47767414b8ce1d70f784788ea5cd3c9016580cbf7c793b841e4cb4
8e7f8f9e3317745759389b3d702bcce10654cd07521442426def69b4b06838bb
a8a651288f2b76da3aeb6b852b18aeb68eb791d02713c4b0b8e6f1140840e303
b933ae8bb710e40d6ef165e101cf72b2fcaa2e7031f2d77123c23d338bc9abff
baa835336978397f8d305d5b364930c2b214aab573a4f4df99719b8e3550550e
dbea0c85f802807ebbf8a4614edb48817387143c6093a23b5ce46d7086aa9f67
f96b84492a2b5d4d79093c6182a9469e7a3e7994d6ebd1b213a022631f1fce87

oym.gr Open in urlscan Pro 136.144.209.210 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

68 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

140 kBTransfer

262 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

oym.gr Open in urlscan Pro
136.144.209.210 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

68 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

140 kB
Transfer

262 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!