![](/screenshots/61f8f22f-743f-4b2f-be6b-01186453e0b9.png)
rice.seplos.workers.dev
Open in
urlscan Pro
172.67.218.211
Malicious Activity!
Public Scan
Submission: On April 20 via manual from UA — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.
This is the only time rice.seplos.workers.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 172.67.218.211 172.67.218.211 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.162.38.129 3.162.38.129 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.67.165.123 172.67.165.123 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:303... 2606:4700:3030::ac43:a57b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
22 | 7 |
ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-129.cdg52.r.cloudfront.net
ireland.apollo.olxcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
workers.dev
rice.seplos.workers.dev |
158 KB |
6 |
gstatic.com
fonts.gstatic.com |
76 KB |
4 |
suppsep.online
chat.suppsep.online api.suppsep.online |
38 KB |
1 |
olxcdn.com
ireland.apollo.olxcdn.com — Cisco Umbrella Rank: 83245 |
21 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 |
28 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33 |
1 KB |
22 | 6 |
Domain | Requested by | |
---|---|---|
9 | rice.seplos.workers.dev |
rice.seplos.workers.dev
|
6 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | api.suppsep.online |
rice.seplos.workers.dev
|
2 | chat.suppsep.online |
rice.seplos.workers.dev
chat.suppsep.online |
1 | ireland.apollo.olxcdn.com |
rice.seplos.workers.dev
|
1 | cdnjs.cloudflare.com |
rice.seplos.workers.dev
|
1 | fonts.googleapis.com |
rice.seplos.workers.dev
|
22 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
seplos.workers.dev GTS CA 1P5 |
2024-03-14 - 2024-06-12 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
apollo.olxcdn.com Amazon RSA 2048 M03 |
2023-11-19 - 2024-12-17 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-18 - 2024-06-10 |
3 months | crt.sh |
suppsep.online E1 |
2024-03-24 - 2024-06-22 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://rice.seplos.workers.dev/link_card/ed6d5e52
Frame ID: 3A5CF94423D27FABB9950885F13B41B8
Requests: 20 HTTP requests in this frame
Frame:
https://chat.suppsep.online/widget?website_token=ALELhSW26oxuj7VY3AbNDWnB
Frame ID: E4F0BFCA7C2FBEE1B8E0184CBC66A82A
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/61f8f22f-743f-4b2f-be6b-01186453e0b9.png)
Page Title
ОLХ.UA - Отpимaння коштiвDetected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
ed6d5e52
rice.seplos.workers.dev/link_card/ |
134 KB 50 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.min.css
rice.seplos.workers.dev/application/views/templates/olxua/assets25/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cleave.min.js
rice.seplos.workers.dev/application/views/templates/_universal/all_service/3ds/generic/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
check.svg
rice.seplos.workers.dev/application/views/templates/olxua/assets25/img/ |
416 B 810 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image
ireland.apollo.olxcdn.com/v1/files/doduo0nn3zv63-UA/ |
21 KB 21 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
shield.svg
rice.seplos.workers.dev/application/views/templates/olxua/assets25/img/ |
928 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.png
rice.seplos.workers.dev/application/views/templates/olxua/assets25/img/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
rice.seplos.workers.dev/application/views/templates/_base/ |
274 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ |
9 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ed6d5e52
rice.seplos.workers.dev/config/ |
4 KB 2 KB |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
rice.seplos.workers.dev/application/views/templates/olxua/assets25/img/ |
4 KB 2 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sdk.js
chat.suppsep.online/packs/js/ |
108 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
add-history-action
api.suppsep.online/chatwoot/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
add-history-action
api.suppsep.online/chatwoot/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
widget
chat.suppsep.online/ Frame E4F0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| RLP object| TTh function| $ function| jQuery function| Cleave function| a0_0x2b19 function| a0_0xfbc8 object| regeneratorRuntime object| chatwootSDK object| chatwootSettings object| $chatwoot function| playAudioAlert3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
rice.seplos.workers.dev/ | Name: PHPSESSID Value: 5h5b8c5akp2ajhc2eqqtdb9jrv |
|
rice.seplos.workers.dev/ | Name: cw_conversation Value: eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJiYWJkMjQyMi05M2EyLTQ2NzMtYTEyZi05ZGQwMzU3MTg2NDkiLCJpbmJveF9pZCI6MX0.4GyPHSMGLhcxqq4s8CSehUNptKsQfv7JjjyIQIy4q48 |
|
rice.seplos.workers.dev/ | Name: cw_user_ALELhSW26oxuj7VY3AbNDWnB Value: 552036c0e614e2a93b2b50dfc9d0669a |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.suppsep.online
cdnjs.cloudflare.com
chat.suppsep.online
fonts.googleapis.com
fonts.gstatic.com
ireland.apollo.olxcdn.com
rice.seplos.workers.dev
104.17.24.14
172.67.165.123
172.67.218.211
2606:4700:3030::ac43:a57b
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
3.162.38.129
08444f34c9ee0d1f66a9ecd23b2733cb7de615055e0796852687a01e9cfbe60f
21487ec472989c57a3c4822fedb04540f43ab05936fda53a1d8dff1053bee213
2ff41b39f4a1f6cb04381cf15add0300c11e26fc601813749025183fb4ba092a
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
385b645c054a0a0fbaae406fa5a2d3813f82443a79dc24e7cdb3f6227384e352
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
5daae2afcd433aaf6600ac8c1201c27bc679d48e1e6f573b6bb480b83695df4f
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
846f670c7c115f643229cb6c3c23a9545f73bd25ce11a7779de967834ef7d2b7
8a865c42d0081971d075261263683ce567d3c3a9f69b981c18fdaef5d4bac72a
8d2b5c99e2f147e97c938e79bca02239e7ddd79b2d4b0e17eb14888258d3af2b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bfbf099b5eb8874748f98631c4c657dfd51e3005d2ca609d9e097388ad2245f7
dd9cb422502819bef3504e06224173733662c7939ea5beb7b5561a5c2836c3b2
e280e9be11f07b7cce8c24401d79fd8aa81e5e983c7281d78b26ee82f45aace7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e