olx.pl.delivery.oferta-payment.email Open in urlscan Pro
94.154.129.50  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response olx.pl.delivery.oferta-payment.email/get/	12 KB 4 KB	1013ms 947ms	Document text/html	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash 8e85049745e58fbf78e5a3b8a925c8dbd45541e6bd8aea47ac496d2788e0cc9f Request headers :method GET :authority olx.pl.delivery.oferta-payment.email :scheme https :path /get/?id=63614654 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server ddos-guard set-cookie __ddg1=XDk211GyLyE3MbD9FMeT; Domain=.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 16-May-2022 14:00:04 GMT date Sun, 16 May 2021 14:00:07 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding content-encoding br
GET H2	200	index.css olx.pl.delivery.oferta-payment.email/get/css/	7 KB 2 KB	18ms 17ms	Stylesheet text/css	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://olx.pl.delivery.oferta-payment.email/get/css/index.css Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash 8a27e66fb308f8584945739458ad76a345cbe1820053957e3fec697790c1ae68 Request headers :path /get/css/index.css pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:26 GMT content-encoding gzip last-modified Sat, 03 Apr 2021 15:58:13 GMT server ddos-guard age 14201 etag W/"1ac6-5bf13882df9c8" vary Accept-Encoding content-type text/css set-cookie __ddgid=Xt3Aorr0FvbrH2Fj; Domain=.olx.pl.delivery.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 16-May-2022 14:00:05 GMT __ddgmark=7ypnO2ujkcosP0Fl; Domain=.olx.pl.delivery.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 17-May-2021 14:00:05 GMT accept-ranges bytes content-length 1625
GET H2	200	css2 fonts.googleapis.com/	6 KB 777 B	15ms 13ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://olx.pl.delivery.oferta-payment.email/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 16 May 2021 13:39:30 GMT server ESF date Sun, 16 May 2021 14:00:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 16 May 2021 14:00:07 GMT
GET H2	200	check.js Show response check.well-wall.pro/	43 KB 14 KB	61ms 20ms	Script application/javascript	94.154.129.35 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://check.well-wall.pro/check.js Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.35 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash d5ec74e4639164c117452f89a4c061558841e44c4f9b0f33d7fc86330a1db1df Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://olx.pl.delivery.oferta-payment.email/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests; content-encoding br last-modified Sat, 15 May 2021 19:46:53 GMT server ddos-guard age 380 etag "60a0252d-ac59" vary Accept-Encoding content-type application/javascript; charset=utf8 date Sun, 16 May 2021 13:53:48 GMT accept-ranges bytes x-ddg-cachegen 1621108025 content-length 14444
GET H2	200	check.svg olx.pl.delivery.oferta-payment.email/get/img/	596 B 433 B	49ms 47ms	Image image/svg+xml	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.delivery.oferta-payment.email/get/img/check.svg Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b Request headers :path /get/img/check.svg pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 13:32:14 GMT content-encoding br last-modified Sat, 03 Apr 2021 15:58:26 GMT server ddos-guard age 1674 etag W/"254-5bf1388f12bd9" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 329
GET H2	200	image;s=3968x2976 ireland.apollo.olxcdn.com/v1/files/ei9birb4qjdk1-PL/	211 KB 211 KB	132ms 63ms	Image image/webp	13.32.6.21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ireland.apollo.olxcdn.com/v1/files/ei9birb4qjdk1-PL/image;s=3968x2976 Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.6.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-6-21.vie50.r.cloudfront.net Software / Resource Hash 6b34c055639014539d864f3b49935065282c25dcef5a01de8b2113d19cbf0f73 Request headers Referer https://olx.pl.delivery.oferta-payment.email/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 14:45:00 GMT via 1.1 5d650f4d20204610aaf075ff8f6494c7.cloudfront.net (CloudFront) last-modified Sat, 15 May 2021 14:45:00 GMT age 83707 x-trace 9d9a5cfa-de32-4fb8-8c66-f7ba0a14e839 etag "ei9birb4qjdk1-PL" access-control-allow-methods GET, OPTIONS content-type image/webp access-control-allow-origin * cache-control public,max-age=604800 x-cache Hit from cloudfront x-amz-cf-pop VIE50-C2 content-length 215586 x-amz-cf-id mWtBlAESw-rvqwPvgUGr7D4Gxp28iAWZwjBp2N6SWQbliWjy99PPTg==
GET H2	200	shield.svg olx.pl.delivery.oferta-payment.email/get/img/	1 KB 722 B	33ms 32ms	Image image/svg+xml	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.delivery.oferta-payment.email/get/img/shield.svg Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash 8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4 Request headers :path /get/img/shield.svg pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:26 GMT content-encoding gzip last-modified Sat, 03 Apr 2021 15:58:34 GMT server ddos-guard age 14201 etag W/"473-5bf13896821c9" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 628
GET H2	200	icons.png olx.pl.delivery.oferta-payment.email/get/assets/img/	68 KB 68 KB	38ms 37ms	Image image/png	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.delivery.oferta-payment.email/get/assets/img/icons.png Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash 4faa7e261195ab046349e36b606d9edbba655deecd429dc86143c2f6d47528c9 Request headers :path /get/assets/img/icons.png pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:26 GMT last-modified Sat, 03 Apr 2021 15:59:10 GMT server ddos-guard age 14201 etag "10fb5-5bf138b9611c4" content-type image/png accept-ranges bytes content-length 69557
GET H2	200	main.css olx.pl.delivery.oferta-payment.email/chat/assets/css/	19 KB 5 KB	20ms 18ms	Stylesheet text/css	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v= Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash ed255d45b1ddff3493e2738ac23366e4f16d29448d606b3a021080c5dafa76d5 Request headers :path /chat/assets/css/main.css?v= pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:26 GMT content-encoding gzip last-modified Sat, 03 Apr 2021 15:57:35 GMT server ddos-guard age 14201 etag W/"4b4b-5bf1385e5daaa" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 5350
GET H2	200	jquery-3.4.1.min.js Show response olx.pl.delivery.oferta-payment.email/chat/assets/js/	86 KB 30 KB	25ms 23ms	Script application/javascript	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://olx.pl.delivery.oferta-payment.email/chat/assets/js/jquery-3.4.1.min.js Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers :path /chat/assets/js/jquery-3.4.1.min.js pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 10:03:26 GMT content-encoding gzip last-modified Sat, 03 Apr 2021 15:57:43 GMT server ddos-guard age 14201 etag W/"15851-5bf138666b3e2" vary Accept-Encoding content-type application/javascript; charset=utf8 accept-ranges bytes content-length 30632
GET H2	200	2.png olx.pl.delivery.oferta-payment.email/chat/assets/images/	1 KB 1 KB	22ms 21ms	Image image/png	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://olx.pl.delivery.oferta-payment.email/chat/assets/images/2.png Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash e3eede1070d23bef27c03c22a9b770569933e0bcfc950f5ab7e66707a7dffedb Request headers :path /chat/assets/images/2.png pragma no-cache cookie __ddg1=XDk211GyLyE3MbD9FMeT; __ddgid=Xt3Aorr0FvbrH2Fj; __ddgmark=7ypnO2ujkcosP0Fl accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v= :scheme https sec-fetch-site same-origin :method GET Referer https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 13:32:14 GMT last-modified Sat, 03 Apr 2021 15:57:38 GMT server ddos-guard age 1674 etag "41f-5bf1386121b14" content-type image/png accept-ranges bytes content-length 1055
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	16 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.pl.delivery.oferta-payment.email Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 11 May 2021 00:12:11 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:39 GMT server sffe age 481676 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 expires Wed, 11 May 2022 00:12:11 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.pl.delivery.oferta-payment.email Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 01:43:32 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe age 303395 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 expires Fri, 13 May 2022 01:43:32 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 16 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.pl.delivery.oferta-payment.email Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 15:35:29 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:46 GMT server sffe age 253478 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 expires Fri, 13 May 2022 15:35:29 GMT
GET H3-29	200	KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 fonts.gstatic.com/s/roboto/v27/	11 KB 12 KB	8ms 6ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.pl.delivery.oferta-payment.email Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 07:06:02 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:42 GMT server sffe age 284045 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11768 x-xss-protection 0 expires Fri, 13 May 2022 07:06:02 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v27/	12 KB 12 KB	8ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.pl.delivery.oferta-payment.email Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 15:35:42 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:33 GMT server sffe age 253465 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11860 x-xss-protection 0 expires Fri, 13 May 2022 15:35:42 GMT
GET H3-29	200	KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v27/	12 KB 12 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.pl.delivery.oferta-payment.email Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 01:32:03 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:52 GMT server sffe age 304084 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11836 x-xss-protection 0 expires Fri, 13 May 2022 01:32:03 GMT
GET H2	200	ajax_chat.php Show response olx.pl.delivery.oferta-payment.email/chat/	1 B 29 B	317ms 317ms	XHR text/html	94.154.129.50 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://olx.pl.delivery.oferta-payment.email/chat/ajax_chat.php?id=63614654&role=0&prop=check_new_message&_=1621173607424 Requested by Host: olx.pl.delivery.oferta-payment.email URL: https://olx.pl.delivery.oferta-payment.email/chat/assets/js/jquery-3.4.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9 Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language en-US x-requested-with XMLHttpRequest sec-fetch-dest empty cookie __ddg1=XDk211GyLyE3MbD9FMeT; __ddgid=Xt3Aorr0FvbrH2Fj; __ddgmark=7ypnO2ujkcosP0Fl :path /chat/ajax_chat.php?id=63614654&role=0&prop=check_new_message&_=1621173607424 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority olx.pl.delivery.oferta-payment.email referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 :scheme https sec-fetch-site same-origin :method GET Accept */* Referer https://olx.pl.delivery.oferta-payment.email/get/?id=63614654 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 16 May 2021 14:00:07 GMT content-encoding br server ddos-guard vary Accept-Encoding content-type text/html; charset=UTF-8
POST H2	200	check Show response check.well-wall.pro/	3 B 242 B	50ms 20ms	XHR text/plain	94.154.129.35 LANDGARD-AS
General Check archive.org Show headers Download Go to Full URL https://check.well-wall.pro/check Requested by Host: check.well-wall.pro URL: https://check.well-wall.pro/check.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.154.129.35 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB), Reverse DNS Software ddos-guard / Resource Hash a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Request headers Referer https://olx.pl.delivery.oferta-payment.email/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * content-security-policy upgrade-insecure-requests; content-encoding gzip server ddos-guard date Sun, 16 May 2021 14:00:07 GMT vary Accept-Encoding content-type text/plain; charset=utf8

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| openForm function| closeForm function| delete_msg function| checkFocus function| update function| sendmsg function| view object| _0x51fa function| _0x4aaa1b function| _0x236b5b function| _0x19e30c function| _0x187957 function| _0x3f205a function| _0x3331 object| _navigator function| simpleStringify function| XHR object| xhr object| _0x53edec object| _window string| adata

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.olx.pl.delivery.oferta-payment.email/	1970-01-20 03:05:23	Name: __ddgid Value: Xt3Aorr0FvbrH2Fj
			.olx.pl.delivery.oferta-payment.email/	1970-01-19 18:21:14	Name: __ddgmark Value: 7ypnO2ujkcosP0Fl
			.oferta-payment.email/	1970-01-20 03:05:09	Name: __ddg1 Value: XDk211GyLyE3MbD9FMeT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

check.well-wall.pro
fonts.googleapis.com
fonts.gstatic.com
ireland.apollo.olxcdn.com
olx.pl.delivery.oferta-payment.email
13.32.6.21
2a00:1450:4001:802::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
94.154.129.35
94.154.129.50
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4faa7e261195ab046349e36b606d9edbba655deecd429dc86143c2f6d47528c9
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6b34c055639014539d864f3b49935065282c25dcef5a01de8b2113d19cbf0f73
8a27e66fb308f8584945739458ad76a345cbe1820053957e3fec697790c1ae68
8e85049745e58fbf78e5a3b8a925c8dbd45541e6bd8aea47ac496d2788e0cc9f
8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57
d5ec74e4639164c117452f89a4c061558841e44c4f9b0f33d7fc86330a1db1df
e3eede1070d23bef27c03c22a9b770569933e0bcfc950f5ab7e66707a7dffedb
e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b
ed255d45b1ddff3493e2738ac23366e4f16d29448d606b3a021080c5dafa76d5