dostawa-poland.pl
Open in
urlscan Pro
2606:4700:3033::681b:bd51
Malicious Activity!
Public Scan
Submission: On January 09 via manual from PL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 7th 2021. Valid for: a year.
This is the only time dostawa-poland.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2606:4700:303... 2606:4700:3033::681b:bd51 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.224.94.10 13.224.94.10 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 178.21.8.220 178.21.8.220 | 197695 (AS-REG) (AS-REG) | |
1 | 151.101.12.193 151.101.12.193 | 54113 (FASTLY) (FASTLY) | |
26 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-10.zrh50.r.cloudfront.net
ireland.apollo.olxcdn.com |
ASN197695 (AS-REG, RU)
PTR: chat.cetis.ru
widget.replain.cc | |
app.replain.cc | |
storage.replain.cc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
dostawa-poland.pl
dostawa-poland.pl |
179 KB |
8 |
replain.cc
widget.replain.cc app.replain.cc storage.replain.cc |
201 KB |
1 |
imgur.com
i.imgur.com |
28 KB |
1 |
olxcdn.com
ireland.apollo.olxcdn.com |
43 KB |
0 |
olx.pl
Failed
www.olx.pl Failed |
|
26 | 5 |
Domain | Requested by | |
---|---|---|
12 | dostawa-poland.pl |
dostawa-poland.pl
|
5 | widget.replain.cc |
dostawa-poland.pl
widget.replain.cc |
2 | app.replain.cc |
widget.replain.cc
|
1 | storage.replain.cc | |
1 | i.imgur.com |
dostawa-poland.pl
|
1 | ireland.apollo.olxcdn.com |
dostawa-poland.pl
|
0 | www.olx.pl Failed |
dostawa-poland.pl
|
26 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
olx.pl |
www.poczta-polska.pl |
www.olx.pl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-01-07 - 2022-01-06 |
a year | crt.sh |
apollo.olxcdn.com Amazon |
2020-03-17 - 2021-04-17 |
a year | crt.sh |
widget.replain.cc R3 |
2020-12-28 - 2021-03-28 |
3 months | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://dostawa-poland.pl/item/27663118
Frame ID: A32EC49EAF864AC53F06175B2B3411D2
Requests: 19 HTTP requests in this frame
Frame:
https://widget.replain.cc/dist/css/app.566b473c.css
Frame ID: 4A2303D1107341AC9391C0472C540AD0
Requests: 6 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: poczta-polska.pl
Search URL Search Domain Scan URL
Title: Umowy sprzedaży
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://dostawa-poland.pl/build/fonts/opensans-regular.552ea4.woff HTTP 302
- https://www.olx.pl/
- https://dostawa-poland.pl/build/fonts/opensans-semibold.1d8cbd.woff HTTP 302
- https://www.olx.pl/
- https://dostawa-poland.pl/build/fonts/opensans-semibold.e1c83f.ttf HTTP 302
- https://www.olx.pl/
- https://dostawa-poland.pl/build/fonts/opensans-regular.d7d5d4.ttf HTTP 302
- https://www.olx.pl/
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
27663118
dostawa-poland.pl/item/ |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
dostawa-poland.pl/assets/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.js
dostawa-poland.pl/assets/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
willi.css
dostawa-poland.pl/assets/ |
500 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OLX_Rebranding.png
dostawa-poland.pl/assets/ |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image;s=644x461
ireland.apollo.olxcdn.com/v1/files/zgd74foawbue2-PL/ |
42 KB 43 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
dostawa-poland.pl/assets/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
dostawa-poland.pl/assets/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
client.js
widget.replain.cc/dist/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
secure.62a90a.svg
dostawa-poland.pl/assets/ |
1 KB 877 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac83mcP.png
i.imgur.com/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opensans-bold.8dd1fb.woff
dostawa-poland.pl/build/fonts/ |
1 B 314 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
opensans-bold.f5331c.ttf
dostawa-poland.pl/build/fonts/ |
1 B 290 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.566b473c.css
widget.replain.cc/dist/css/ Frame 4A23 |
26 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.1d26bc86.js
widget.replain.cc/dist/js/ Frame 4A23 |
361 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firasans-regular.200d5e.woff
dostawa-poland.pl/build/fonts/ |
1 B 329 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firasans-regular.b0aa19.ttf
dostawa-poland.pl/build/fonts/ |
1 B 414 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
auth
app.replain.cc/ Frame |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
auth
app.replain.cc/ Frame 4A23 |
320 B 948 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notification.ac905963.mp3
widget.replain.cc/dist/media/ Frame 4A23 |
24 KB 24 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lang-pl-json.78e2e897.js
widget.replain.cc/dist/js/ Frame 4A23 |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
160803532205363c3d1d84a216.jpg
storage.replain.cc/uploads/20201215/ Frame 4A23 |
30 KB 31 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| replainSettings function| submit boolean| replainInitialized function| ReplainAPI4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dostawa-poland.pl/ | Name: iloveyou Value: yes |
|
dostawa-poland.pl/ | Name: type Value: item |
|
.dostawa-poland.pl/ | Name: __ddg1 Value: pjPgXwOq3buYlRjekQjB |
|
.dostawa-poland.pl/ | Name: __cfduid Value: d5ae3f02146e0c68d7279d164cafc4eda1610220495 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.replain.cc
dostawa-poland.pl
i.imgur.com
ireland.apollo.olxcdn.com
storage.replain.cc
widget.replain.cc
www.olx.pl
www.olx.pl
13.224.94.10
151.101.12.193
178.21.8.220
2606:4700:3033::681b:bd51
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2c3d150dcc38b57e953789481ffd4b7e8eb4ca531f8091f8a2a600aaff20a057
376d7167fc8be8c9744b35b7133e9f64c9de89dee3761ce0057587ce50e9ae55
3d158c5f6e8159fa5b8f06d803088c73999d660103065fd89e1ce38322bb7bf7
523fa7adb83efaa0aff4945df7ba169fb167b54dd096288d4371c20f615c02b9
786da29d71eeb4f968caf0b0d4bf9dba594d801fe61e2ae97acac1d11daf7a8a
7da5e162f6616a90b7969155f655efb6d472f9e20fac96bf37185cda7250fc3a
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
7fdb0099fe3c28bcdc5300faa196e82ec6347351b11b5d4aa441ce5f34a9e000
9517c95eeb8a2df3751b3e202bb116e56b58ee71ee31be851f341bedd82c97a7
a318c24216defe206feeb73ef5be00033fa9c4a74d0b967f6532a26ca5906d3b
aae8dfc0db4af6b716e81726fbdb870fddf5b4db5536a65c1f4abcc1fb8d9ea1
bd796cde1b0768d8abf34507c03d0230b92e70084ceda4787faa2633606b6474
bfe448d87e798cc455f65c1a62f2a5f4ade3f3f4146f0360cc68b1e79e54c65a
bffc353fcd98b8c3fd77fad0117dc6ce41ab85a046a60989f27b6d3d6bc63036
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e
ebfea15327e85b3b10738c31a623f792091ee6e4e032d96b155585a16aad29be