ozon.kiev.ua Open in urlscan Pro
2a06:6440:0:2d3b::1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ozon.kiev.ua/00/OTP_CheckPoint_process.php
Submission: On September 05 via automatic, source openphish (September 5th 2022, 1:24:40 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2a06:6440:0:2d3b::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is ozon.kiev.ua.
TLS certificate: Issued by R3 on September 5th 2022. Valid for: 3 months.

This is the only time ozon.kiev.ua was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Standard Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
17	2a06:6440:0:2... 2a06:6440:0:2d3b::1		200000 (UKRAINE-AS) (UKRAINE-AS)
17	1

17 2a06:6440:0:2d3b::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)

ozon.kiev.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ozon.kiev.ua ozon.kiev.ua	246 KB
17	1

	Domain	Requested by
17	ozon.kiev.ua	ozon.kiev.ua
17	1

This site contains no links.

Subject Issuer	Validity	Valid
www.ozon.kiev.ua R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php
Frame ID: 2CCB6ECF4399C47062166546BA548971
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Standard Bank Online Banking

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

246 kB
Transfer

1824 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request OTP_CheckPoint_process.php Show response ozon.kiev.ua/00/	15 KB 3 KB	196ms 102ms	Document text/html	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `ce2b1651810806da5159fd51cba4af88b3f5b08182bc163371838eaca2d929d5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Sep 2022 13:24:35 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx x-ray p990:0.066/wn20738:0.061/wal20738:D=60516
GET H2	200	app.min.css ozon.kiev.ua/00/Lib/stylesheets/css/	67 KB 5 KB	71ms 70ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `ab9b1811fa5cdcb1468e501c5ae704095fe7b771574274e1774c282e01aeba6f` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/OTP_CheckPoint_process.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.000/wn20738:0.000/ content-encoding br etag W/"60d18276-10af0" last-modified Tue, 22 Jun 2021 06:25:58 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	200	sb_logo.png ozon.kiev.ua/00/Lib/img/	7 KB 7 KB	36ms 36ms	Image image/png	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ozon.kiev.ua/00/Lib/img/sb_logo.png Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `5e03e8a2ea184c5c68a1d0e1446b7ea7c57d60a4d18400267136ff423ac9633e` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/OTP_CheckPoint_process.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.000/wn20738:0.000/ last-modified Fri, 12 Feb 2021 12:26:06 GMT server nginx etag "602673de-1af3" content-type image/png date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 6899
GET H2	200	img_web_otp_240.png ozon.kiev.ua/00/Lib/img/	23 KB 23 KB	36ms 36ms	Image image/png	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ozon.kiev.ua/00/Lib/img/img_web_otp_240.png Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `f94d4f6b5e28a18bb671a457d9518edd7e1670907b1516492aaeb37fdd7d6897` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/OTP_CheckPoint_process.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ last-modified Fri, 12 Feb 2021 17:52:50 GMT server nginx etag "6026c072-5afb" content-type image/png date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 23291
GET H2	200	icon_south_africa_white.png ozon.kiev.ua/00/Lib/img/	850 B 1014 B	37ms 35ms	Image image/png	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ozon.kiev.ua/00/Lib/img/icon_south_africa_white.png Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `659ec5c9f365d3e03d205766dcf6103fdb716dae3e99d8742d33f1e31eb37b2d` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/OTP_CheckPoint_process.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.000/wn20738:0.000/ last-modified Tue, 09 Feb 2021 04:52:48 GMT server nginx etag "60221520-352" content-type image/png date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 850
GET H2	200	icon_global_white.png ozon.kiev.ua/00/Lib/img/	1 KB 1 KB	36ms 35ms	Image image/png	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ozon.kiev.ua/00/Lib/img/icon_global_white.png Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `a98db87f78fe65c1c150fe8eddba301a4040bec74b19304bcad6405dbc323d9d` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/OTP_CheckPoint_process.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.000/wn20738:0.000/ last-modified Tue, 09 Feb 2021 04:52:48 GMT server nginx etag "60221520-442" content-type image/png date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 1090
GET H2	200	icon_email_white.png ozon.kiev.ua/00/Lib/img/	795 B 959 B	36ms 35ms	Image image/png	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ozon.kiev.ua/00/Lib/img/icon_email_white.png Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/OTP_CheckPoint_process.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `2daf53b1d65351e31f6c8513731bec5ecd65fd1c072d8ddd5521e35cc31a73de` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/OTP_CheckPoint_process.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.001/wn20738:0.000/ last-modified Tue, 09 Feb 2021 04:52:48 GMT server nginx etag "60221520-31b" content-type image/png date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 795
GET H2	200	app.min-blessed49.css ozon.kiev.ua/00/Lib/stylesheets/css/	303 KB 30 KB	81ms 80ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed49.css?z=1612885494473 Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `23d2b540921ec0655b5f581999a09914fa8751b73b90bd981840183dc2a4ec95` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ content-encoding br etag W/"60268738-4bd2a" last-modified Fri, 12 Feb 2021 13:48:40 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	200	app.min-blessed45.css ozon.kiev.ua/00/Lib/stylesheets/css/	425 KB 19 KB	47ms 46ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed45.css?z=1612885494473 Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `c415bbd5aeeaa215da204eeacdad5471ee670c054e295a2df1232a575166a2cf` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ content-encoding br etag W/"6026417c-6a329" last-modified Fri, 12 Feb 2021 08:51:08 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	200	app.min-blessed44.css ozon.kiev.ua/00/Lib/stylesheets/css/	104 KB 12 KB	82ms 80ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed44.css?z=1612885494473 Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `1d37a24706a9b7ef61dfef37effcf7e9668080b854e2ecba5db74f89c208230d` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.020/wn20738:0.000/ content-encoding br etag W/"6026417c-19f76" last-modified Fri, 12 Feb 2021 08:51:08 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	200	app.min-blessed41.css ozon.kiev.ua/00/Lib/stylesheets/css/	240 KB 28 KB	81ms 80ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `1d3edfb3b0cec0a47e6e85a2d752993a077473aa8c03dfeac5ce873fc9abe639` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ content-encoding br etag W/"60d1830e-3bf45" last-modified Tue, 22 Jun 2021 06:28:30 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	200	app.min-blessed40.css ozon.kiev.ua/00/Lib/stylesheets/css/	324 KB 26 KB	80ms 79ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed40.css?z=1612885494473 Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `f4c3e8fe992c60ae0b42bd89de1050b4928623cced6242008288fee24702d366` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ content-encoding br etag W/"602690f8-51150" last-modified Fri, 12 Feb 2021 14:30:16 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	200	app.min-blessed39.css ozon.kiev.ua/00/Lib/stylesheets/css/	247 KB 22 KB	45ms 45ms	Stylesheet text/css	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed39.css?z=1612885494473 Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `b9339526d34d7d298dabb34b9c04be6da2d80ef3432ce9b8f6a5a4c25e2ddf4c` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ content-encoding br etag W/"60d1823a-3dcbc" last-modified Tue, 22 Jun 2021 06:24:58 GMT server nginx date Mon, 05 Sep 2022 13:24:35 GMT content-type text/css
GET H2	404	Background_Image_Large.jpg ozon.kiev.ua/00/Lib/img/	196 B 196 B	178ms 178ms	Image text/html	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ozon.kiev.ua/00/Lib/img/Background_Image_Large.jpg Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed40.css?z=1612885494473 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers accept-language de-DE,de;q=0.9 Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed40.css?z=1612885494473 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.148/wn20738:0.140/wal20738:D=141749 server nginx date Mon, 05 Sep 2022 13:24:36 GMT content-length 196 content-type text/html; charset=iso-8859-1
GET H2	200	bentonsans-regular-webfont.woff ozon.kiev.ua/00/Lib/fonts/bentonsans/regular/	12 KB 12 KB	36ms 36ms	Font font/woff	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/fonts/bentonsans/regular/bentonsans-regular-webfont.woff Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `0402b8e6e3b789ffec9618f6baea5b80a5c7d20a44394327a4d5a8e5ee369acf` Request headers Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 Origin https://ozon.kiev.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.010/wn20738:0.000/ last-modified Tue, 09 Feb 2021 04:52:48 GMT server nginx etag "60221520-2e58" content-type font/woff date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 11864
GET H2	200	fontawesome-webfont.woff ozon.kiev.ua/00/Lib/fonts/	43 KB 44 KB	37ms 36ms	Font font/woff	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/fonts/fontawesome-webfont.woff Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed49.css?z=1612885494473 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849` Request headers Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed49.css?z=1612885494473 Origin https://ozon.kiev.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.001/wn20738:0.000/ last-modified Tue, 09 Feb 2021 04:52:48 GMT server nginx etag "60221520-ad90" content-type font/woff date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 44432
GET H2	200	bentonsans-medium-webfont.woff ozon.kiev.ua/00/Lib/fonts/bentonsans/medium/	12 KB 12 KB	37ms 37ms	Font font/woff	2a06:6440:0:2d3b::1 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://ozon.kiev.ua/00/Lib/fonts/bentonsans/medium/bentonsans-medium-webfont.woff Requested by Host: ozon.kiev.ua URL: https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a06:6440:0:2d3b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS Software nginx / Resource Hash `e22403a94b6dafdf14e615863c37f711615cd794d3cd09812a947c974bf99cca` Request headers Referer https://ozon.kiev.ua/00/Lib/stylesheets/css/app.min-blessed41.css?z=1612885494473 Origin https://ozon.kiev.ua accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers x-ray p990:0.001/wn20738:0.000/ last-modified Tue, 09 Feb 2021 04:52:48 GMT server nginx etag "60221520-2e64" content-type font/woff date Mon, 05 Sep 2022 13:24:35 GMT accept-ranges bytes content-length 11876

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Standard Bank (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ozon.kiev.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: f780d15e3835923ffde154034c697b25

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ozon.kiev.ua/00/Lib/img/Background_Image_Large.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ozon.kiev.ua
2a06:6440:0:2d3b::1
0402b8e6e3b789ffec9618f6baea5b80a5c7d20a44394327a4d5a8e5ee369acf
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1d37a24706a9b7ef61dfef37effcf7e9668080b854e2ecba5db74f89c208230d
1d3edfb3b0cec0a47e6e85a2d752993a077473aa8c03dfeac5ce873fc9abe639
23d2b540921ec0655b5f581999a09914fa8751b73b90bd981840183dc2a4ec95
2daf53b1d65351e31f6c8513731bec5ecd65fd1c072d8ddd5521e35cc31a73de
5e03e8a2ea184c5c68a1d0e1446b7ea7c57d60a4d18400267136ff423ac9633e
659ec5c9f365d3e03d205766dcf6103fdb716dae3e99d8742d33f1e31eb37b2d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
a98db87f78fe65c1c150fe8eddba301a4040bec74b19304bcad6405dbc323d9d
ab9b1811fa5cdcb1468e501c5ae704095fe7b771574274e1774c282e01aeba6f
b9339526d34d7d298dabb34b9c04be6da2d80ef3432ce9b8f6a5a4c25e2ddf4c
c415bbd5aeeaa215da204eeacdad5471ee670c054e295a2df1232a575166a2cf
ce2b1651810806da5159fd51cba4af88b3f5b08182bc163371838eaca2d929d5
e22403a94b6dafdf14e615863c37f711615cd794d3cd09812a947c974bf99cca
f4c3e8fe992c60ae0b42bd89de1050b4928623cced6242008288fee24702d366
f94d4f6b5e28a18bb671a457d9518edd7e1670907b1516492aaeb37fdd7d6897

ozon.kiev.ua Open in urlscan Pro 2a06:6440:0:2d3b::1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

246 kBTransfer

1824 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

ozon.kiev.ua Open in urlscan Pro
2a06:6440:0:2d3b::1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

246 kB
Transfer

1824 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!