olxbank.cash
94.154.129.16
Malicious Activity!
Submission Tags: 6960037
Submission: On February 09 via api from NL
Summary
TLS certificate: Issued by R3 on February 8th 2021. Valid for: 3 months.
This is the only time olxbank.cash was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
11 | 94.154.129.16 | 44015 (WELLWALL-AS) |
1 | 2a00:1450:4001:827::200a | 15169 (GOOGLE) |
1 | 65.9.94.104 | 16509 (AMAZON-02) |
7 | 2a02:6ea0:c700::4 | 60068 (CDN77 (^_^)/) |
1 | 151.101.12.193 | 54113 (FASTLY) |
1 | 3.64.31.165 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:801::2003 | 15169 (GOOGLE) |
24 | 7 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | olxbank.cash | olxbank.cash | 319 KB |
6 | smartsuppcdn.com | widget-v2.smartsuppcdn.com | 218 KB |
2 | gstatic.com | fonts.gstatic.com | 26 KB |
2 | smartsuppchat.com | www.smartsuppchat.com, bootstrap.smartsuppchat.com | 9 KB |
1 | imgur.com | i.imgur.com | 28 KB |
1 | olxcdn.com | ireland.apollo.olxcdn.com | 31 KB |
1 | googleapis.com | ajax.googleapis.com | 32 KB |
24 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
11 | olxbank.cash | olxbank.cash |
6 | widget-v2.smartsuppcdn.com | www.smartsuppchat.com, widget-v2.smartsuppcdn.com |
2 | fonts.gstatic.com | olxbank.cash |
1 | bootstrap.smartsuppchat.com | www.smartsuppchat.com |
1 | i.imgur.com | olxbank.cash |
1 | www.smartsuppchat.com | olxbank.cash |
1 | ireland.apollo.olxcdn.com | olxbank.cash |
1 | ajax.googleapis.com | olxbank.cash |
24 | 8 | |
This site contains links to these domains.
Domain |
---|
olx.pl |
www.olx.pl |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
olxbank.cash | R3 | 2021-02-08 - 2021-05-09 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months | crt.sh |
apollo.olxcdn.com | Amazon | 2020-03-17 - 2021-04-17 | a year | crt.sh |
*.smartsuppchat.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-12-02 - 2021-12-30 | a year | crt.sh |
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years | crt.sh |
*.gstatic.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months | crt.sh |
*.smartsuppcdn.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-11-03 - 2021-12-04 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://olxbank.cash/f2f/4436781512
Frame ID: D44327084E7A51FC44C80F710BE1B670
Requests: 19 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.2f26b054.js
Frame ID: 1C4C65E0E0BB3664B0091B3BFA1D83C6
Requests: 5 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://olxbank.cash/f2f/4436781512 Page URL
- https://olxbank.cash/f2f/4436781512 Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
- Title:
- Title: Umowa użytkownika (User agreement)
24 HTTP transactions (blank Frame = primary frame D443; 1C4C = the smartsuppcdn.com widget frame)
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Frame |
---|---|---|---|---|---|---|---|---|
GET | H2 | 4436781512 | olxbank.cash/f2f/ | 22 KB | 9 KB | Document | text/html | |
POST | H2 | 4436781512 | olxbank.cash/f2f/ | 0 | 108 B | XHR | text/plain | |
GET | H2 | 4436781512 (Primary Request) | olxbank.cash/f2f/ | 12 KB | 3 KB | Document | text/html | |
GET | H2 | css | olxbank.cash/assets/css/ | 26 KB | 27 KB | Stylesheet | text/plain | |
GET | H2 | ultra.css | olxbank.cash/assets/css/ | 500 KB | 72 KB | Stylesheet | text/css | |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.9.1/ | 90 KB | 32 KB | Script | text/javascript | |
GET | H2 | OLX.png | olxbank.cash/assets/img/ | 28 KB | 28 KB | Image | image/png | |
GET | H2 | image;s=1000x700 | ireland.apollo.olxcdn.com/v1/files/vaz3clw62k8n3-PL/ | 30 KB | 31 KB | Image | image/webp | |
GET | H2 | shield.svg | olxbank.cash/assets/img/ | 4 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | loader.js | www.smartsuppchat.com/ | 21 KB | 7 KB | Script | application/javascript | |
GET | H2 | ac83mcP.png | i.imgur.com/ | 27 KB | 28 KB | Image | image/png | |
GET | H2 | opensans-bold.8dd1fb.woff | olxbank.cash/build/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | opensans-regular.552ea4.woff | olxbank.cash/build/fonts/ | 110 KB | 88 KB | Font | application/font-woff | |
GET | H2 | opensans-semibold.1d8cbd.woff | olxbank.cash/build/fonts/ | 112 KB | 90 KB | Font | application/font-woff | |
GET | H2 | opensans-bold.f5331c.ttf | olxbank.cash/build/fonts/ | 0 | 0 | Font | text/html | |
GET | H2 | f33cee975f33b475f0a96128225a92856f13e9ab.json | bootstrap.smartsuppchat.com/widget/ | 5 KB | 2 KB | XHR | application/json | |
GET | H2 | mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | fonts.gstatic.com/s/opensans/v17/ | 15 KB | 15 KB | Font | font/woff2 | |
GET | H2 | mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2 | fonts.gstatic.com/s/opensans/v17/ | 11 KB | 12 KB | Font | font/woff2 | |
GET | H2 | asset-manifest.json | widget-v2.smartsuppcdn.com/ | 2 KB | 686 B | XHR | application/json | |
GET | H2 | runtime-main.2f26b054.js | widget-v2.smartsuppcdn.com/static/js/ | 2 KB | 1 KB | Script | application/javascript | 1C4C |
GET | H2 | 3.d73e307e.chunk.js | widget-v2.smartsuppcdn.com/static/js/ | 662 KB | 186 KB | Script | application/javascript | 1C4C |
GET | H2 | main.45858a36.chunk.js | widget-v2.smartsuppcdn.com/static/js/ | 106 KB | 26 KB | Script | application/javascript | 1C4C |
GET | H2 | en.json | widget-v2.smartsuppcdn.com/translates/ | 4 KB | 2 KB | Fetch | application/json | 1C4C |
GET | H2 | pl.json | widget-v2.smartsuppcdn.com/translates/ | 4 KB | 2 KB | Fetch | application/json | 1C4C |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | ontransitionrun |
object | ontransitionstart |
object | ontransitioncancel |
object | cookieStore |
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
boolean | crossOriginIsolated |
function | $ |
function | jQuery |
object | _smartsupp |
function | smartsupp |
function | setImmediate |
function | clearImmediate |
boolean | SMARTSUPP_LOADED |
object | $smartsupp |
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
olxbank.cash/ | | Name: __ddos2 Value: 42f60965-9d2f-4dab-bad4-e973f941ed5b |
olxbank.cash/ | | Name: __ddos1 Value: VTvO5ahhznAx5prjLfthxOFujPo |
olxbank.cash/ | | Name: PHPSESSID Value: pij422trknal1h4hnvauil9k95 |
.olxbank.cash/ | | Name: __ddg1 Value: KgolIPd7KgI0M2HRKP7i |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.