olx.wiki
94.154.129.16
Malicious Activity!
Public Scan
Submission: On February 09 via api from PL
Summary
TLS certificate: Issued by R3 on February 5th 2021. Valid for: 3 months.
This is the only time olx.wiki was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
11 | 94.154.129.16 | 44015 (WELLWALL-AS)
1 | 2a00:1450:4001:82a::200a | 15169 (GOOGLE)
1 | 13.225.78.40 | 16509 (AMAZON-02)
1 | 2a02:6ea0:c700::1 | 60068 (CDN77 (^_^)/)
1 | 151.101.112.193 | 54113 (FASTLY)
1 | 3.64.31.165 | 16509 (AMAZON-02)
2 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE)
6 | 2a02:6ea0:c700::3 | 60068 (CDN77 (^_^)/)
24 requests | 8 IP addresses |
ASN44015 (WELLWALL-AS, GB)
PTR: protection.well-wall.pro
Hosts: olx.wiki

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-40.fra2.r.cloudfront.net
Hosts: ireland.apollo.olxcdn.com

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-31-165.eu-central-1.compute.amazonaws.com
Hosts: bootstrap.smartsuppchat.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
11 | olx.wiki | olx.wiki | 318 KB
6 | smartsuppcdn.com | widget-v2.smartsuppcdn.com | 218 KB
2 | gstatic.com | fonts.gstatic.com | 26 KB
2 | smartsuppchat.com | www.smartsuppchat.com, bootstrap.smartsuppchat.com | 9 KB
1 | imgur.com | i.imgur.com | 28 KB
1 | olxcdn.com | ireland.apollo.olxcdn.com | 49 KB
1 | googleapis.com | ajax.googleapis.com | 32 KB
24 requests | 7 apex domains | |
Requests | Domain | Requested by
---|---|---
11 | olx.wiki | olx.wiki
6 | widget-v2.smartsuppcdn.com | www.smartsuppchat.com, widget-v2.smartsuppcdn.com
2 | fonts.gstatic.com | olx.wiki
1 | bootstrap.smartsuppchat.com | www.smartsuppchat.com
1 | i.imgur.com | olx.wiki
1 | www.smartsuppchat.com | olx.wiki
1 | ireland.apollo.olxcdn.com | olx.wiki
1 | ajax.googleapis.com | olx.wiki
24 requests | 8 domains |
This site contains links to these domains:

Domain |
---|
olx.pl |
www.olx.pl |
Subject | Issuer | Validity | Valid for
---|---|---|---
olx.wiki | R3 | 2021-02-05 - 2021-05-06 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
apollo.olxcdn.com | Amazon | 2020-03-17 - 2021-04-17 | a year
*.smartsuppchat.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-12-02 - 2021-12-30 | a year
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years
*.gstatic.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.smartsuppcdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-11-03 - 2021-12-04 | a year
This page contains 2 frames:
Primary Page:
https://olx.wiki/f2f/4035106416
Frame ID: C1100D98FFA0ECE50E18280A02C30BB1
Requests: 19 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.2f26b054.js
Frame ID: 859316914A22C2AD95A95B38EF4CECB1
Requests: 5 HTTP requests in this frame
Page Statistics
2 outgoing links
These are links going to different origins than the main page.
- (no title)
- Title: Umowa użytkownika ("User Agreement")
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://olx.wiki/f2f/4035106416 Page URL
- https://olx.wiki/f2f/4035106416 Page URL
Redirected requests
No HTTP redirect chains are listed for this scan.
24 HTTP transactions

Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | 4035106416 | olx.wiki/f2f/ | 22 KB | 9 KB | Document | text/html
POST | H2 | 4035106416 | olx.wiki/f2f/ | 0 | 108 B | XHR | text/plain
GET | H2 | 4035106416 (Primary Request) | olx.wiki/f2f/ | 12 KB | 3 KB | Document | text/html
GET | H2 | css | olx.wiki/assets/css/ | 26 KB | 27 KB | Stylesheet | text/plain
GET | H2 | ultra.css | olx.wiki/assets/css/ | 500 KB | 71 KB | Stylesheet | text/css
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.9.1/ | 90 KB | 32 KB | Script | text/javascript
GET | H2 | OLX.png | olx.wiki/assets/img/ | 28 KB | 28 KB | Image | image/png
GET | H2 | image;s=1000x700 | ireland.apollo.olxcdn.com/v1/files/28r56l5bjq5b1-PL/ | 48 KB | 49 KB | Image | image/webp
GET | H2 | shield.svg | olx.wiki/assets/img/ | 4 KB | 1 KB | Image | image/svg+xml
GET | H2 | loader.js | www.smartsuppchat.com/ | 21 KB | 7 KB | Script | application/javascript
GET | H2 | ac83mcP.png | i.imgur.com/ | 27 KB | 28 KB | Image | image/png
GET | H2 | opensans-bold.8dd1fb.woff | olx.wiki/build/fonts/ | 0 | 0 | Font | text/html
GET | H2 | opensans-regular.552ea4.woff | olx.wiki/build/fonts/ | 110 KB | 88 KB | Font | application/font-woff
GET | H2 | opensans-semibold.1d8cbd.woff | olx.wiki/build/fonts/ | 112 KB | 91 KB | Font | application/font-woff
GET | H2 | opensans-bold.f5331c.ttf | olx.wiki/build/fonts/ | 0 | 0 | Font | text/html
GET | H2 | f33cee975f33b475f0a96128225a92856f13e9ab.json | bootstrap.smartsuppchat.com/widget/ | 5 KB | 2 KB | XHR | application/json
GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | fonts.gstatic.com/s/opensans/v17/ | 15 KB | 15 KB | Font | font/woff2
GET | H2 | mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2 | fonts.gstatic.com/s/opensans/v17/ | 11 KB | 12 KB | Font | font/woff2
GET | H2 | asset-manifest.json | widget-v2.smartsuppcdn.com/ | 2 KB | 687 B | XHR | application/json
GET | H2 | runtime-main.2f26b054.js | widget-v2.smartsuppcdn.com/static/js/ (Frame 8593) | 2 KB | 1 KB | Script | application/javascript
GET | H2 | 3.d73e307e.chunk.js | widget-v2.smartsuppcdn.com/static/js/ (Frame 8593) | 662 KB | 186 KB | Script | application/javascript
GET | H2 | main.45858a36.chunk.js | widget-v2.smartsuppcdn.com/static/js/ (Frame 8593) | 106 KB | 26 KB | Script | application/javascript
GET | H2 | en.json | widget-v2.smartsuppcdn.com/translates/ (Frame 8593) | 4 KB | 2 KB | Fetch | application/json
GET | H2 | pl.json | widget-v2.smartsuppcdn.com/translates/ (Frame 8593) | 4 KB | 2 KB | Fetch | application/json
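The transaction list above is the part of a scan an analyst actually reads, and several things in it are visible without any further lookup: the landing host olx.wiki shares its second-level label with the brand's real domain olx.pl (linked from the page), the page issues a POST back to its own landing URL, it hotlinks an image from the brand's own CDN (ireland.apollo.olxcdn.com), two font requests come back as 0-byte text/html rather than a font, one stylesheet is served as text/plain, and scripts are pulled from three third-party hosts (jQuery 1.9.1 from Google's CDN plus the Smartsupp chat widget). The following Python is an added example, not urlscan.io code and not part of the scan result; it encodes those observations as triage rules over a request list constructed from the table. The record fields (method, host, path, name, rtype, mime), the expected-MIME table and the naive two-label apex rule are this example's own assumptions, not urlscan's API schema.

```python
"""Triage rules over a urlscan-style request list (added example).

The sample transactions are constructed from the 24 requests recorded for
the olx.wiki scan; the field names below are this example's own choice.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Tx:
    method: str
    host: str
    path: str    # directory part, as shown in the scan
    name: str    # resource name, as shown in the scan
    rtype: str   # urlscan "Type" column
    mime: str    # response MIME type


# Constructed from the transaction table on this page.
TRANSACTIONS = [
    Tx("GET", "olx.wiki", "/f2f/", "4035106416", "Document", "text/html"),
    Tx("POST", "olx.wiki", "/f2f/", "4035106416", "XHR", "text/plain"),
    Tx("GET", "olx.wiki", "/f2f/", "4035106416", "Document", "text/html"),
    Tx("GET", "olx.wiki", "/assets/css/", "css", "Stylesheet", "text/plain"),
    Tx("GET", "olx.wiki", "/assets/css/", "ultra.css", "Stylesheet", "text/css"),
    Tx("GET", "ajax.googleapis.com", "/ajax/libs/jquery/1.9.1/", "jquery.min.js", "Script", "text/javascript"),
    Tx("GET", "olx.wiki", "/assets/img/", "OLX.png", "Image", "image/png"),
    Tx("GET", "ireland.apollo.olxcdn.com", "/v1/files/28r56l5bjq5b1-PL/", "image;s=1000x700", "Image", "image/webp"),
    Tx("GET", "olx.wiki", "/assets/img/", "shield.svg", "Image", "image/svg+xml"),
    Tx("GET", "www.smartsuppchat.com", "/", "loader.js", "Script", "application/javascript"),
    Tx("GET", "i.imgur.com", "/", "ac83mcP.png", "Image", "image/png"),
    Tx("GET", "olx.wiki", "/build/fonts/", "opensans-bold.8dd1fb.woff", "Font", "text/html"),
    Tx("GET", "olx.wiki", "/build/fonts/", "opensans-regular.552ea4.woff", "Font", "application/font-woff"),
    Tx("GET", "olx.wiki", "/build/fonts/", "opensans-semibold.1d8cbd.woff", "Font", "application/font-woff"),
    Tx("GET", "olx.wiki", "/build/fonts/", "opensans-bold.f5331c.ttf", "Font", "text/html"),
    Tx("GET", "bootstrap.smartsuppchat.com", "/widget/", "f33cee975f33b475f0a96128225a92856f13e9ab.json", "XHR", "application/json"),
    Tx("GET", "fonts.gstatic.com", "/s/opensans/v17/", "mem5YaGs126MiZpBA-UN7rgOUuhp.woff2", "Font", "font/woff2"),
    Tx("GET", "fonts.gstatic.com", "/s/opensans/v17/", "mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2", "Font", "font/woff2"),
    Tx("GET", "widget-v2.smartsuppcdn.com", "/", "asset-manifest.json", "XHR", "application/json"),
    Tx("GET", "widget-v2.smartsuppcdn.com", "/static/js/", "runtime-main.2f26b054.js", "Script", "application/javascript"),
    Tx("GET", "widget-v2.smartsuppcdn.com", "/static/js/", "3.d73e307e.chunk.js", "Script", "application/javascript"),
    Tx("GET", "widget-v2.smartsuppcdn.com", "/static/js/", "main.45858a36.chunk.js", "Script", "application/javascript"),
    Tx("GET", "widget-v2.smartsuppcdn.com", "/translates/", "en.json", "Fetch", "application/json"),
    Tx("GET", "widget-v2.smartsuppcdn.com", "/translates/", "pl.json", "Fetch", "application/json"),
]

# MIME prefixes we expect for each resource type (this example's own table).
EXPECTED_MIME = {
    "Stylesheet": ("text/css",),
    "Script": ("text/javascript", "application/javascript"),
    "Font": ("font/", "application/font-woff", "application/x-font"),
    "Image": ("image/",),
}


def apex(host: str) -> str:
    """Naive registrable domain: last two labels (assumption: no public-suffix list)."""
    return ".".join(host.split(".")[-2:])


def is_lookalike(host: str, brand_apex: str) -> bool:
    """Same second-level label as the brand but a different suffix, e.g. olx.wiki vs olx.pl."""
    h, b = apex(host).split("."), brand_apex.split(".")
    return h[0] == b[0] and h != b


def triage(txs, primary_host, brand_apex, brand_cdn_apexes):
    """Run the rules and return every matching transaction per rule."""
    landing = next(t for t in txs if t.method == "GET" and t.host == primary_host and t.rtype == "Document")
    return {
        # Lookalike domain of the impersonated brand.
        "lookalike": is_lookalike(primary_host, brand_apex),
        # Form data posted back to the landing URL itself (pull the request body in a real case).
        "self_post": [t for t in txs if t.method == "POST" and t.host == primary_host
                      and (t.path, t.name) == (landing.path, landing.name)],
        # Assets hotlinked from the brand's own infrastructure.
        "brand_assets": [t for t in txs if apex(t.host) in brand_cdn_apexes],
        # Declared resource type does not match what the server returned (missing files, misconfigured kit).
        "mime_mismatch": [t for t in txs if t.rtype in EXPECTED_MIME and not t.mime.startswith(EXPECTED_MIME[t.rtype])],
        # Script sources outside the landing host.
        "third_party_scripts": sorted({t.host for t in txs if t.rtype == "Script" and t.host != primary_host}),
        # Per-host request counts, the same numbers as the scan's domain table.
        "per_host": Counter(t.host for t in txs),
    }


def score(findings) -> int:
    """Number of rules that fired (0-5); the scan above fires all five."""
    return sum(bool(findings[k]) for k in ("lookalike", "self_post", "brand_assets", "mime_mismatch", "third_party_scripts"))


if __name__ == "__main__":
    f = triage(TRANSACTIONS, "olx.wiki", "olx.pl", {"olxcdn.com"})
    for rule in ("lookalike", "self_post", "brand_assets", "mime_mismatch", "third_party_scripts"):
        print(rule, "->", f[rule])
    print("score", score(f))
```

The rules are deliberately cheap to evaluate from the scan's own columns, so they can be applied to a batch of urlscan results before anyone opens a screenshot; the MIME check in particular catches kits whose font or stylesheet paths 404 into an HTML error page, which is exactly what the two 0-byte text/html font responses above look like.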
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against OLX Group (E-commerce)

18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use.

Type | Name
---|---
object | 0
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
function | $
function | jQuery
object | _smartsupp
function | smartsupp
function | setImmediate
function | clearImmediate
boolean | SMARTSUPP_LOADED
object | $smartsupp

4 Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, so the website can re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
olx.wiki/ | | __ddos1 | VTvO5ahhznAx5prjLfthxOFujPo
olx.wiki/ | | PHPSESSID | dl5ukn4h6nrr6l7o9vvq521fc5
olx.wiki/ | | __ddos2 | fde63315-38bf-4263-aca7-0a27be416d58
.olx.wiki/ | | __ddg1 | LVJ69LJhTvYj1Q6kVKCH
Security Headers
This section lists the security headers set by the main page.

Header | Value
---|---
X-Content-Type-Options | nosniff
X-Frame-Options | SAMEORIGIN
X-Xss-Protection | 1; mode=block
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
bootstrap.smartsuppchat.com
fonts.gstatic.com
i.imgur.com
ireland.apollo.olxcdn.com
olx.wiki
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
13.225.78.40
151.101.112.193
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a02:6ea0:c700::1
2a02:6ea0:c700::3
3.64.31.165
94.154.129.16