ozon.kiev.ua
Open in
urlscan Pro
2a06:6440:0:2d3b::1
Malicious Activity!
Public Scan
Submission: On September 05 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 5th 2022. Valid for: 3 months.
This is the only time ozon.kiev.ua was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Standard Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 2a06:6440:0:2... 2a06:6440:0:2d3b::1 | 200000 (UKRAINE-AS) (UKRAINE-AS) | |
17 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
ozon.kiev.ua
ozon.kiev.ua |
246 KB |
17 | 1 |
Domain | Requested by | |
---|---|---|
17 | ozon.kiev.ua |
ozon.kiev.ua
|
17 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ozon.kiev.ua R3 |
2022-09-05 - 2022-12-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://ozon.kiev.ua/00/OTP_CheckPoint_process.php
Frame ID: 2CCB6ECF4399C47062166546BA548971
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Standard Bank Online BankingDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
OTP_CheckPoint_process.php
ozon.kiev.ua/00/ |
15 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
67 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sb_logo.png
ozon.kiev.ua/00/Lib/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_web_otp_240.png
ozon.kiev.ua/00/Lib/img/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_south_africa_white.png
ozon.kiev.ua/00/Lib/img/ |
850 B 1014 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_global_white.png
ozon.kiev.ua/00/Lib/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_email_white.png
ozon.kiev.ua/00/Lib/img/ |
795 B 959 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min-blessed49.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
303 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min-blessed45.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
425 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min-blessed44.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
104 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min-blessed41.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
240 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min-blessed40.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
324 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.min-blessed39.css
ozon.kiev.ua/00/Lib/stylesheets/css/ |
247 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Background_Image_Large.jpg
ozon.kiev.ua/00/Lib/img/ |
196 B 196 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bentonsans-regular-webfont.woff
ozon.kiev.ua/00/Lib/fonts/bentonsans/regular/ |
12 KB 12 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff
ozon.kiev.ua/00/Lib/fonts/ |
43 KB 44 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bentonsans-medium-webfont.woff
ozon.kiev.ua/00/Lib/fonts/bentonsans/medium/ |
12 KB 12 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Standard Bank (Banking)24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| day string| month string| ampm number| ampmhour number| myweekday number| year object| mydate number| myday number| mymonth number| weekday number| myyear number| myhours number| mytime string| myminutes function| isInputNumber1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ozon.kiev.ua/ | Name: PHPSESSID Value: f780d15e3835923ffde154034c697b25 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ozon.kiev.ua
2a06:6440:0:2d3b::1
0402b8e6e3b789ffec9618f6baea5b80a5c7d20a44394327a4d5a8e5ee369acf
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1d37a24706a9b7ef61dfef37effcf7e9668080b854e2ecba5db74f89c208230d
1d3edfb3b0cec0a47e6e85a2d752993a077473aa8c03dfeac5ce873fc9abe639
23d2b540921ec0655b5f581999a09914fa8751b73b90bd981840183dc2a4ec95
2daf53b1d65351e31f6c8513731bec5ecd65fd1c072d8ddd5521e35cc31a73de
5e03e8a2ea184c5c68a1d0e1446b7ea7c57d60a4d18400267136ff423ac9633e
659ec5c9f365d3e03d205766dcf6103fdb716dae3e99d8742d33f1e31eb37b2d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
a98db87f78fe65c1c150fe8eddba301a4040bec74b19304bcad6405dbc323d9d
ab9b1811fa5cdcb1468e501c5ae704095fe7b771574274e1774c282e01aeba6f
b9339526d34d7d298dabb34b9c04be6da2d80ef3432ce9b8f6a5a4c25e2ddf4c
c415bbd5aeeaa215da204eeacdad5471ee670c054e295a2df1232a575166a2cf
ce2b1651810806da5159fd51cba4af88b3f5b08182bc163371838eaca2d929d5
e22403a94b6dafdf14e615863c37f711615cd794d3cd09812a947c974bf99cca
f4c3e8fe992c60ae0b42bd89de1050b4928623cced6242008288fee24702d366
f94d4f6b5e28a18bb671a457d9518edd7e1670907b1516492aaeb37fdd7d6897