olx.pl.bezpieczenstwo24.store Open in urlscan Pro
45.128.205.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480
Submission: On February 15 via automatic, source phishtank (February 15th 2021, 8:35:17 am UTC)

Summary HTTP 16 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 45.128.205.8, located in Minsk, Belarus and belongs to BCTBY-AS, BY. The main domain is olx.pl.bezpieczenstwo24.store.
TLS certificate: Issued by R3 on February 11th 2021. Valid for: 3 months.

This is the only time olx.pl.bezpieczenstwo24.store was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OLX Group (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1 5	45.128.205.8 45.128.205.8	60330 (BCTBY-AS) (BCTBY-AS)
1	65.9.94.121 65.9.94.121	16509 (AMAZON-02) (AMAZON-02)
7	13.224.196.19 13.224.196.19	16509 (AMAZON-02) (AMAZON-02)
16	4

5 45.128.205.8 (Minsk, Belarus) 1 redirects

ASN60330 (BCTBY-AS, BY)
PTR: isp10.cloudvps.by

olx.pl.bezpieczenstwo24.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.121 (United States)

ASN16509 (AMAZON-02, US)

www.olx.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.224.196.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-19.fra2.r.cloudfront.net

static.olx.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	olx.ua www.olx.ua static.olx.ua	144 KB
5	bezpieczenstwo24.store 1 redirects olx.pl.bezpieczenstwo24.store	165 KB
0	Failed function sub() { [native code] }. Failed
16	3

	Domain	Requested by
7	static.olx.ua	olx.pl.bezpieczenstwo24.store
5	olx.pl.bezpieczenstwo24.store	1 redirects olx.pl.bezpieczenstwo24.store
1	www.olx.ua	olx.pl.bezpieczenstwo24.store
0	fhhdlnnepfjhlhilgmeepgkhjmhhhjkh Failed	olx.pl.bezpieczenstwo24.store
16	4

This site contains links to these domains. Also see Links.

Domain
www.olx.pl
boxberry.ru
pomoc.olx.pl
blog.olx.pl
tu-dodasz-reklame.olx.pl
media.olx.pl
www.olxgroup.com
kodyrabatowe.olx.pl
play.google.com
itunes.apple.com
appgallery.cloud.huawei.com
www.olx.bg
www.olx.ro

Subject Issuer	Validity	Valid
olx.pl.bezpieczenstwo24.store R3	`2021-02-11` - `2021-05-12`	3 months	crt.sh
olx.ua Amazon	`2020-03-16` - `2021-04-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480
Frame ID: B400D2E4F3F135E448FEF1359D218B78
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

309 kB
Transfer

1035 kB
Size

0
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.olx.pl/
Title:

Search URL Search Domain Scan URL

URL: https://www.olx.pl/post-new-ad/?bs=
Title: Dоdaj оgłоszenie

Search URL Search Domain Scan URL

URL: https://www.olx.pl/favorites/
Title:

Search URL Search Domain Scan URL

URL: https://www.olx.pl/favorites/search/
Title:

Search URL Search Domain Scan URL

URL: http://boxberry.ru/

Search URL Search Domain Scan URL

URL: https://www.olx.pl/mobilne/
Title: Aplikacje mоbilne ОLX.pl

Search URL Search Domain Scan URL

URL: http://pomoc.olx.pl/
Title: Pоmоc

Search URL Search Domain Scan URL

URL: https://www.olx.pl/platnosci/dlaczego-warto-promowac/
Title: Wyróżniоne оgłоszenia

Search URL Search Domain Scan URL

URL: http://blog.olx.pl/
Title: Blоg

Search URL Search Domain Scan URL

URL: https://pomoc.olx.pl/hc/pl/articles/360000828525
Title: Regulamin

Search URL Search Domain Scan URL

URL: https://pomoc.olx.pl/hc/pl/articles/360000901525
Title: Pоlityka prywatnоści

Search URL Search Domain Scan URL

URL: https://tu-dodasz-reklame.olx.pl/
Title: Reklama

Search URL Search Domain Scan URL

URL: http://media.olx.pl/
Title: Biurо prasоwe

Search URL Search Domain Scan URL

URL: https://www.olx.pl/jak-dziala-olx/
Title: Jak działa OLX.pl

Search URL Search Domain Scan URL

URL: https://www.olx.pl/bezpieczenstwo/
Title: Zasady bezpieczeństwa

Search URL Search Domain Scan URL

URL: https://www.olx.pl/sitemap/
Title: Mapa kategorii

Search URL Search Domain Scan URL

URL: https://www.olx.pl/sitemap/regions/
Title: Mapa miejscowości

Search URL Search Domain Scan URL

URL: https://www.olx.pl/popularne/
Title: Popularne wyszukiwania

Search URL Search Domain Scan URL

URL: https://www.olxgroup.com/careers
Title: Kariera

Search URL Search Domain Scan URL

URL: https://kodyrabatowe.olx.pl/
Title: Kody rabatowe

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.slando&referrer=utm_source%3Dolx.pl%26utm_medium%3Dcpc%26utm_campaign%3Dandroid-app-footer
Title: w Google Play Pobierz w Google Play

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/slando.ua-besplatnye-ob-avlenia/id663217552?l=pl&ls=1&mt=8
Title: w AppStore Pobierz w AppStore

Search URL Search Domain Scan URL

URL: https://appgallery.cloud.huawei.com/ag/n/app/C100505851?channelId=EUPLHMS20200617FB&detailType=0
Title: w AppGallery Pobierz w AppGallery

Search URL Search Domain Scan URL

URL: https://www.olx.bg/
Title: OLX.bg

Search URL Search Domain Scan URL

URL: https://www.olx.ro/
Title: OLX.ro

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://olx.pl.bezpieczenstwo24.store/item/static/check.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP 302
https://www.olx.ua/

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 33056105826027ff3889480 Show response olx.pl.bezpieczenstwo24.store/item/	857 KB 141 KB	791ms 674ms	Document text/html	45.128.205.8 BCTBY-AS
General Check archive.org Show headers Download Go to Full URL https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.128.205.8 Minsk, Belarus, ASN60330 (BCTBY-AS, BY), Reverse DNS isp10.cloudvps.by Software nginx/1.16.1 / PHP/5.6.40 Resource Hash `6423d2e677878c08a7afee080effafd82f1101d2036504f64ccae99e861f6eb4` Request headers :method GET :authority olx.pl.bezpieczenstwo24.store :scheme https :path /item/33056105826027ff3889480 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers server nginx/1.16.1 date Mon, 15 Feb 2021 08:34:58 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/5.6.40 content-encoding gzip
GET		detector.js fhhdlnnepfjhlhilgmeepgkhjmhhhjkh/js/	0 0

GET H2	200	/ Show response www.olx.ua/ Redirect Chain https://olx.pl.bezpieczenstwo24.store/item/static/check.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F https://www.olx.ua/	0 0	421ms 330ms	Script text/html	65.9.94.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.olx.ua/ Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.94.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Redirect headers location https://www.olx.ua/ date Mon, 15 Feb 2021 08:34:59 GMT server nginx/1.16.1 x-powered-by PHP/5.6.40 content-length 0 content-type text/html; charset=UTF-8
GET H2	200	30-512%20(1).png olx.pl.bezpieczenstwo24.store/static/	6 KB 7 KB	54ms 53ms	Image image/png	45.128.205.8 BCTBY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.bezpieczenstwo24.store/static/30-512%20(1).png Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.128.205.8 Minsk, Belarus, ASN60330 (BCTBY-AS, BY), Reverse DNS isp10.cloudvps.by Software nginx/1.16.1 / Resource Hash `1db2323b3cfe04d900aa7860b5707f9d986b78a8d8d6ef521133a922520f5aed` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 15 Feb 2021 08:34:59 GMT last-modified Thu, 05 Nov 2020 18:59:31 GMT server nginx/1.16.1 accept-ranges bytes etag "5fa44b93-19e7" content-length 6631 content-type image/png
GET H2	200	boxberry.png olx.pl.bezpieczenstwo24.store/static/	5 KB 5 KB	54ms 53ms	Image image/png	45.128.205.8 BCTBY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.bezpieczenstwo24.store/static/boxberry.png Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.128.205.8 Minsk, Belarus, ASN60330 (BCTBY-AS, BY), Reverse DNS isp10.cloudvps.by Software nginx/1.16.1 / Resource Hash `ee852d47edcda5139a1eea74db05add77dbdafd8bc6e9ead2b8cf5a1dfa49ac3` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 15 Feb 2021 08:34:59 GMT last-modified Thu, 05 Nov 2020 18:59:31 GMT server nginx/1.16.1 accept-ranges bytes etag "5fa44b93-145c" content-length 5212 content-type image/png
GET H2	200	33056105826027ff38894801613233994.jpg olx.pl.bezpieczenstwo24.store/bot/img/	12 KB 12 KB	55ms 54ms	Image image/jpeg	45.128.205.8 BCTBY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.bezpieczenstwo24.store/bot/img/33056105826027ff38894801613233994.jpg Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.128.205.8 Minsk, Belarus, ASN60330 (BCTBY-AS, BY), Reverse DNS isp10.cloudvps.by Software nginx/1.16.1 / Resource Hash `c76bd779ea4bf534bf1536262629a76d6eb13981d7beeb30892f9b19bbcb3917` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 15 Feb 2021 08:34:59 GMT last-modified Sat, 13 Feb 2021 16:33:15 GMT server nginx/1.16.1 accept-ranges bytes etag "6027ff4b-3144" content-length 12612 content-type image/jpeg
GET H2	200	2f7d515ccf53e427f222999e9e6f453e1c.woff2 static.olx.ua/static/olxua/packed/font/	42 KB 42 KB	109ms 39ms	Font application/octet-stream	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.olx.ua/static/olxua/packed/font/2f7d515ccf53e427f222999e9e6f453e1c.woff2 Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `3d2d1cefcb9a492fc0d04a6f10ca26ba35d3cf8610b9badf642caba4b4db92e1` Request headers Origin https://olx.pl.bezpieczenstwo24.store Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 23 Nov 2020 05:05:23 GMT x-t True x-request-received t=1606107923500727 last-modified Sun, 22 Nov 2020 17:12:37 GMT server OLXcdn age 7270176 x-cache Hit from cloudfront access-control-allow-origin * x-amz-cf-pop FRA2-C1 accept-ranges bytes x-request-processing-time D=498 content-length 42860 via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) x-amz-cf-id ASr3O_XJgvKTuUZSW-kcMfxy_Q7GYAze6D3qhzWfokqtefPo5fTt1A==
GET H2	200	2f5da9077a4fd524bfa4a23e595fc41982.woff2 static.olx.ua/static/olxua/packed/font/	42 KB 43 KB	106ms 39ms	Font application/octet-stream	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.olx.ua/static/olxua/packed/font/2f5da9077a4fd524bfa4a23e595fc41982.woff2 Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `2383e4a01c9cea2352a87cbd5c1326a38ec4b493025ddba6eb12d3fa8060edee` Request headers Origin https://olx.pl.bezpieczenstwo24.store Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 07:45:15 GMT x-t True x-request-received t=1608277515451836 last-modified Fri, 18 Dec 2020 04:32:06 GMT server OLXcdn age 5100584 x-cache Hit from cloudfront access-control-allow-origin * x-amz-cf-pop FRA2-C1 accept-ranges bytes x-request-processing-time D=680 content-length 43272 via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) x-amz-cf-id Hvb4qkNT3V92VfaagteTHpxuS9pZyAKVKMKCgDej_n9Cm9I6PfVKlA==
GET		2f31b2e28c8a5ed8afb69bcc8851caea83.woff2 static.olx.ua/static/olxua/packed/font/	0 0

GET H2	200	2f93d984f561637f78d1b86363c029781c.woff2 static.olx.ua/static/olxua/packed/font/	42 KB 42 KB	106ms 39ms	Font application/octet-stream	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.olx.ua/static/olxua/packed/font/2f93d984f561637f78d1b86363c029781c.woff2 Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `b664272856b8d3d6e99cf8920e7b3b02aac6b0033cb53dfba9b83679a31861f9` Request headers Origin https://olx.pl.bezpieczenstwo24.store Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 18 Dec 2020 07:45:15 GMT x-t True x-request-received t=1608277515459333 last-modified Fri, 18 Dec 2020 07:23:43 GMT server OLXcdn age 5100584 x-cache Hit from cloudfront access-control-allow-origin * x-amz-cf-pop FRA2-C1 accept-ranges bytes x-request-processing-time D=406 content-length 43092 via 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront) x-amz-cf-id HGkjZRgJcvqiq9msjpAaZ1nXKMt0vvH0Q8waj-B27HPlTyhyn0lBYQ==
GET H2	200	2fc9f37e6707acfc0e1255cec57c49a986.svg static.olx.ua/static/olxua/packed/font/	6 KB 3 KB	103ms 33ms	Image image/svg+xml	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.olx.ua/static/olxua/packed/font/2fc9f37e6707acfc0e1255cec57c49a986.svg Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `9ef6b58dbcb6ec33c83a2e2100a9cde733d6272965c681360cfdfacc49c77dd9` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 09 Feb 2021 04:29:00 GMT x-t True x-request-received t=1612844940502522 last-modified Mon, 08 Feb 2021 23:21:19 GMT server OLXcdn age 533159 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * x-amz-cf-pop FRA2-C1 content-encoding gzip x-request-processing-time D=814 x-amz-cf-id edzISgrbfhFFHlghPB2u2j4yArPwbq_1K7PTJ6h44MRrIKgrNDMWCA== via 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
GET H2	200	2fccd2faa9395d5faed1011516c64dc929.svg static.olx.ua/static/olxua/packed/font/	8 KB 4 KB	103ms 34ms	Image image/svg+xml	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.olx.ua/static/olxua/packed/font/2fccd2faa9395d5faed1011516c64dc929.svg Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `e7bdf200a2c0ca62218da3ee29d5c4cc8eca4eeaa29f6dae116df3822d6bd898` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 30 Jan 2021 04:11:23 GMT x-t True x-request-received t=1611979883488098 last-modified Sat, 30 Jan 2021 00:55:31 GMT server OLXcdn age 1398216 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * x-amz-cf-pop FRA2-C1 content-encoding gzip x-request-processing-time D=472 x-amz-cf-id p75-ucsoDkgERPF8-yJUUzEDNWpfnPY1wZAtb-rMdnALQ41CE4PH1A== via 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
GET H2	200	2f601b9bb08d8fa367b5341a761574c88b.svg static.olx.ua/static/olxua/packed/font/	9 KB 4 KB	108ms 39ms	Image image/svg+xml	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.olx.ua/static/olxua/packed/font/2f601b9bb08d8fa367b5341a761574c88b.svg Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `71bb5bb85124d95544835666cd7d22947496648808c32b1968d070a623cab1a3` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Feb 2021 09:56:28 GMT x-t True x-request-received t=1612346188653186 last-modified Wed, 03 Feb 2021 09:55:33 GMT server OLXcdn age 1031911 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml access-control-allow-origin * x-amz-cf-pop FRA2-C1 content-encoding gzip x-request-processing-time D=483 x-amz-cf-id ghtw4LNToagxK4BbZ9d-VW-v5pGDzfcH05UM_4Qi2913iyX5KyekDQ== via 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
GET H2	200	2ff3db49aa88d9acd64ca43e1265bfd7bb.png static.olx.ua/static/olxua/packed/img/	5 KB 5 KB	102ms 34ms	Image image/png	13.224.196.19 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.olx.ua/static/olxua/packed/img/2ff3db49aa88d9acd64ca43e1265bfd7bb.png Requested by Host: olx.pl.bezpieczenstwo24.store URL: https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-19.fra2.r.cloudfront.net Software OLXcdn / Resource Hash `dc2b534ec579cf951490b590c11bfe29cb04cf7eeae443cfa218f04a147bafa9` Request headers Referer https://olx.pl.bezpieczenstwo24.store/item/33056105826027ff3889480 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 03 Feb 2021 13:20:35 GMT x-t True x-request-received t=1612358435929696 age 1019664 x-cache Hit from cloudfront content-length 4896 access-control-allow-origin * last-modified Wed, 03 Feb 2021 13:13:18 GMT server OLXcdn content-type image/png via 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront) cache-control max-age=2592000 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-request-processing-time D=641 x-amz-cf-id DbyZCxWSyskS3co-wOQhPHSRcvXOFgxJdZPtIqnfQ1MRId2O30geTg== expires Fri, 05 Mar 2021 13:20:35 GMT
GET		2f2b77a1b5c6dbb672de9063d7fc214fd9.woff static.olx.ua/static/olxua/packed/font/	0 0

GET		2f9ff5479ce901683f57150e3c8c9ed82a.ttf static.olx.ua/static/olxua/packed/font/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
URL: chrome-extension://fhhdlnnepfjhlhilgmeepgkhjmhhhjkh/js/detector.js

Domain: static.olx.ua
URL: https://static.olx.ua/static/olxua/packed/font/2f31b2e28c8a5ed8afb69bcc8851caea83.woff2

Domain: static.olx.ua
URL: https://static.olx.ua/static/olxua/packed/font/2f2b77a1b5c6dbb672de9063d7fc214fd9.woff

Domain: static.olx.ua
URL: https://static.olx.ua/static/olxua/packed/font/2f9ff5479ce901683f57150e3c8c9ed82a.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
olx.pl.bezpieczenstwo24.store
static.olx.ua
www.olx.ua
fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
static.olx.ua
13.224.196.19
45.128.205.8
65.9.94.121
1db2323b3cfe04d900aa7860b5707f9d986b78a8d8d6ef521133a922520f5aed
2383e4a01c9cea2352a87cbd5c1326a38ec4b493025ddba6eb12d3fa8060edee
3d2d1cefcb9a492fc0d04a6f10ca26ba35d3cf8610b9badf642caba4b4db92e1
6423d2e677878c08a7afee080effafd82f1101d2036504f64ccae99e861f6eb4
71bb5bb85124d95544835666cd7d22947496648808c32b1968d070a623cab1a3
9ef6b58dbcb6ec33c83a2e2100a9cde733d6272965c681360cfdfacc49c77dd9
b664272856b8d3d6e99cf8920e7b3b02aac6b0033cb53dfba9b83679a31861f9
c76bd779ea4bf534bf1536262629a76d6eb13981d7beeb30892f9b19bbcb3917
dc2b534ec579cf951490b590c11bfe29cb04cf7eeae443cfa218f04a147bafa9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bdf200a2c0ca62218da3ee29d5c4cc8eca4eeaa29f6dae116df3822d6bd898
ee852d47edcda5139a1eea74db05add77dbdafd8bc6e9ead2b8cf5a1dfa49ac3

olx.pl.bezpieczenstwo24.store Open in urlscan Pro 45.128.205.8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

75 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

309 kBTransfer

1035 kBSize

0 Cookies

25 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

Indicators

olx.pl.bezpieczenstwo24.store Open in urlscan Pro
45.128.205.8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

309 kB
Transfer

1035 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!