olx.ua-paycheck.tk
2606:4700:3030::ac43:c50d
Malicious Activity!
Public Scan
Submission: On August 15 via api from JP — Scanned from JP
Summary
This is the only time olx.ua-paycheck.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
15 | 2606:4700:3030::ac43:c50d | 13335 (CLOUDFLARENET)
3 | 2606:4700::6810:5914 | 13335 (CLOUDFLARENET)
1 | 151.101.24.193 | 54113 (FASTLY)
1 | 172.96.161.50 | 23470 (RELIABLESITE)
1 | 13.33.21.68 | 16509 (AMAZON-02)
1 | 2404:6800:4004:811::200a | 15169 (GOOGLE)
22 requests | 6 IPs |

Detail for 13.33.21.68: ASN16509 (AMAZON-02, US), PTR server-13-33-21-68.lax53.r.cloudfront.net, serving ireland.apollo.olxcdn.com.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | ua-paycheck.tk | olx.ua-paycheck.tk | 202 KB
3 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 423) | 36 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 267) | 31 KB
1 | olxcdn.com | ireland.apollo.olxcdn.com (Cisco Umbrella Rank: 56442) | 20 KB
1 | ibb.co | i.ibb.co (Cisco Umbrella Rank: 12370) | 45 KB
1 | imgur.com | i.imgur.com (Cisco Umbrella Rank: 5708) | 190 KB
22 requests | 6 apex domains | |
Requests | Domain | Requested by
---|---|---
15 | olx.ua-paycheck.tk | olx.ua-paycheck.tk
3 | cdn.jsdelivr.net | olx.ua-paycheck.tk
1 | ajax.googleapis.com | olx.ua-paycheck.tk
1 | ireland.apollo.olxcdn.com | olx.ua-paycheck.tk
1 | i.ibb.co | olx.ua-paycheck.tk
1 | i.imgur.com | olx.ua-paycheck.tk
22 requests | 6 domains |
This site contains links to these domains. Also see Links.
Domain |
---|
www.olx.ua |
uapay.ua |
novaposhta.ua |
help.olx.ua |
business.olx.ua |
blog.olx.ua |
safety.olx.ua |
www.olxgroup.com |
play.google.com |
itunes.apple.com |
www.olx.bg |
www.olx.pl |
www.olx.ro |
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year | crt.sh
*.imgur.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-03-16 | a year | crt.sh
ibb.co | R3 | 2022-08-07 - 2022-11-05 | 3 months | crt.sh
apollo.olxcdn.com | Amazon | 2022-01-18 - 2023-02-16 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
http://olx.ua-paycheck.tk/delivery/naushniki-apple-airpods-airoha-with-wireless-charging-case-IDPoPEy/
Frame ID: F4232EF081BF67473894FDE3B8487373
Requests: 22 HTTP requests in this frame
Screenshot
Page Title: Оформлення і отримання коштів ("Checkout and receipt of funds")
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
33 Outgoing links
These are links going to different origins than the main page (link titles translated from Ukrainian):
- To OLX home - free classifieds
- Post an ad
- Messages
- 0
- 0
- My profile
- Headphones Apple AirPods Airoha with Wireless Charging case
- Terms
- Terms
- Terms
- Public agreement
- Rules
- Mobile apps
- Help and Feedback
- Paid services
- OLX PRO
- Business on OLX
- For the press
- Advertising on the site
- OLX Blog
- Terms of use
- Privacy policy
- How to sell and buy?
- Safety rules
- Site map
- Map of regions
- Popular searches
- Careers at OLX
- on Google Play: Download on Google Play
- on AppStore: Download on AppStore
- OLX.bg
- OLX.pl
- OLX.ro
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | olx.ua-paycheck.tk/delivery/naushniki-apple-airpods-airoha-with-wireless-charging-case-IDPoPEy/ | 136 KB | 26 KB | Document | text/html
GET | H2 | fancybox.css | cdn.jsdelivr.net/npm/@fancyapps/ui/dist/ | 15 KB | 4 KB | Stylesheet | text/css
GET | H2 | 9FaV1nC.jpg | i.imgur.com/ | 190 KB | 190 KB | Image | image/jpeg
GET | H2 | system-error-1550732-1316130.png | i.ibb.co/F5FfHqr/ | 45 KB | 45 KB | Image | image/png
GET | H2 | image;s=1000x662 | ireland.apollo.olxcdn.com/v1/files/vbfwmjcmq8bs2-UA/ | 19 KB | 20 KB | Image | image/webp
GET | H/1.1 | 2fdcf132b9800162a850c6a967948865f3.woff | olx.ua-paycheck.tk/fonts/ | 58 KB | 58 KB | Font | application/font-woff
GET | H/1.1 | geomanist-regular-webfont.c77609a0d.woff2 | olx.ua-paycheck.tk/delivery/core/ | 0 | 0 | Font | text/html
GET | H/1.1 | geomanist-book-webfont.d5d4a23a5.woff2 | olx.ua-paycheck.tk/delivery/core/ | 0 | 0 | Font | text/html
GET | H/1.1 | 2fb42224aace823f0dbdcbe9b6d56ab716.woff2 | olx.ua-paycheck.tk/fonts/ | 15 KB | 15 KB | Font | application/octet-stream
GET | H/1.1 | geomanist-medium-webfont.29927b8df.woff2 | olx.ua-paycheck.tk/delivery/core/ | 0 | 0 | Font | text/html
GET | H/1.1 | 2f62c54365002d2b3f6d711322c82d5935.woff | olx.ua-paycheck.tk/fonts/ | 58 KB | 58 KB | Font | application/font-woff
GET | H2 | console-ban.min.js | cdn.jsdelivr.net/gh/fz6m/console-ban@3.2/dist/ | 2 KB | 1 KB | Script | application/javascript
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript
GET | H2 | fancybox.umd.js | cdn.jsdelivr.net/npm/@fancyapps/ui@4.0/dist/ | 103 KB | 30 KB | Script | application/javascript
GET | H/1.1 | maskedinput.js | olx.ua-paycheck.tk/core/ | 11 KB | 4 KB | Script | application/javascript
GET | H/1.1 | 2fc9f37e6707acfc0e1255cec57c49a986.svg | olx.ua-paycheck.tk/core/ | 6 KB | 3 KB | Image | image/svg+xml
GET | H/1.1 | 2fccd2faa9395d5faed1011516c64dc929.svg | olx.ua-paycheck.tk/core/ | 8 KB | 4 KB | Image | image/svg+xml
GET | H/1.1 | 2ff3db49aa88d9acd64ca43e1265bfd7bb.png | olx.ua-paycheck.tk/core/ | 5 KB | 6 KB | Image | image/png
GET | H/1.1 | geomanist-regular-webfont.f55ce2de1.woff | olx.ua-paycheck.tk/delivery/core/ | 0 | 0 | Font | text/html
GET | H/1.1 | geomanist-medium-webfont.2a1ec21e5.woff | olx.ua-paycheck.tk/delivery/core/ | 0 | 0 | Font | text/html
GET | H/1.1 | geomanist-book-webfont.dd5857a8e.woff | olx.ua-paycheck.tk/delivery/core/ | 0 | 0 | Font | text/html
GET | H/1.1 | a35649b1d4c9738de84be469ebdf3b2e.woff2 | olx.ua-paycheck.tk/fonts/ | 28 KB | 28 KB | Font | application/octet-stream
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
object | navigation
object | ConsoleBan
function | $
function | jQuery
function | Carousel
function | Fancybox
function | Panzoom
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even from a different location. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.jsdelivr.net
i.ibb.co
i.imgur.com
ireland.apollo.olxcdn.com
olx.ua-paycheck.tk
13.33.21.68
151.101.24.193
172.96.161.50
2404:6800:4004:811::200a
2606:4700:3030::ac43:c50d
2606:4700::6810:5914
2bb7b712ef65fca2ffb1cdb3c7593c596f4646934efca384777753332ea1ed9b
30054801ae4201e28b56658c71d8d5203fbfe5e665430570b40f2c8bb95eb4ec
331df9b318e2aec5d7ea4d0163d04c45f030a97aa6d893d4bca166aaad3ad51e
4cb9342c5f4e9d0a32b7ba698dbb03e65455d239eed16a1055595ff3b0acbef4
4cba8703cbe41e590b3d2a745e5130272c2f7af685f53553e709866000136225
7345baa61a620cacfb000c04a16e9491020c841ee0b60c4166b68c57af1bb688
9708b2965de8899c70122b18b2734558b90b0a8f34911049a77ba05e3530be1c
9cf1407b1ad119e8674ab27661b507c45cb5c8584e5692c2fde18241b4ad97a4
9ef6b58dbcb6ec33c83a2e2100a9cde733d6272965c681360cfdfacc49c77dd9
bd3bb3f7e3d8508944326a662c69c8565481882c2082e86a6376a8a14894a41f
c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165
d1a7f655b0b8be63ec6bc38b04028198ba32b8aab86c194a2b628e80c59aca2a
dc2b534ec579cf951490b590c11bfe29cb04cf7eeae443cfa218f04a147bafa9
e7bdf200a2c0ca62218da3ee29d5c4cc8eca4eeaa29f6dae116df3822d6bd898
ee03159a1ee2d979a8f7d9afbdf9d29fd7597ee9d38a2ee3e323dd99300c511d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d