dostawa-w.pl
Open in
urlscan Pro
2606:4700:3035::6818:7d95
Malicious Activity!
Public Scan
Submission: On January 05 via manual from PL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2021. Valid for: a year.
This is the only time dostawa-w.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2606:4700:303... 2606:4700:3035::6818:7d95 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.224.94.40 13.224.94.40 | 16509 (AMAZON-02) (AMAZON-02) | |
8 | 178.21.8.220 178.21.8.220 | 197695 (AS-REG) (AS-REG) | |
1 | 151.101.112.193 151.101.112.193 | 54113 (FASTLY) (FASTLY) | |
26 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-40.zrh50.r.cloudfront.net
ireland.apollo.olxcdn.com |
ASN197695 (AS-REG, RU)
PTR: chat.cetis.ru
widget.replain.cc | |
app.replain.cc | |
storage.replain.cc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
replain.cc
widget.replain.cc app.replain.cc storage.replain.cc |
201 KB |
8 |
dostawa-w.pl
dostawa-w.pl |
178 KB |
1 |
imgur.com
i.imgur.com |
28 KB |
1 |
olxcdn.com
ireland.apollo.olxcdn.com |
18 KB |
0 |
olx.pl
Failed
www.olx.pl Failed |
|
26 | 5 |
Domain | Requested by | |
---|---|---|
8 | dostawa-w.pl |
dostawa-w.pl
|
5 | widget.replain.cc |
dostawa-w.pl
widget.replain.cc |
2 | app.replain.cc |
widget.replain.cc
|
1 | storage.replain.cc | |
1 | i.imgur.com |
dostawa-w.pl
|
1 | ireland.apollo.olxcdn.com |
dostawa-w.pl
|
0 | www.olx.pl Failed |
dostawa-w.pl
|
26 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
olx.pl |
www.poczta-polska.pl |
www.olx.pl |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-01-05 - 2022-01-04 |
a year | crt.sh |
apollo.olxcdn.com Amazon |
2020-03-17 - 2021-04-17 |
a year | crt.sh |
widget.replain.cc R3 |
2020-12-28 - 2021-03-28 |
3 months | crt.sh |
*.imgur.com DigiCert SHA2 Secure Server CA |
2020-01-15 - 2022-03-16 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://dostawa-w.pl/item/42480144
Frame ID: DEA92AE8F11681C1E0FAFBDE9FA1FCC2
Requests: 19 HTTP requests in this frame
Frame:
https://widget.replain.cc/dist/css/app.566b473c.css
Frame ID: 9FAF6F9E7F66024AF3ED2C7EF2DB9C1B
Requests: 6 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: poczta-polska.pl
Search URL Search Domain Scan URL
Title: Umowy sprzedaży
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://dostawa-w.pl/build/fonts/opensans-bold.8dd1fb.woff HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/opensans-regular.552ea4.woff HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/opensans-semibold.1d8cbd.woff HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/opensans-semibold.e1c83f.ttf HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/opensans-bold.f5331c.ttf HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/opensans-regular.d7d5d4.ttf HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/firasans-regular.200d5e.woff HTTP 302
- https://www.olx.pl/
- https://dostawa-w.pl/build/fonts/firasans-regular.b0aa19.ttf HTTP 302
- https://www.olx.pl/
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
42480144
dostawa-w.pl/item/ |
17 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
dostawa-w.pl/assets/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.js
dostawa-w.pl/assets/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
willi.css
dostawa-w.pl/assets/ |
500 KB 73 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OLX_Rebranding.png
dostawa-w.pl/assets/ |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image;s=644x461
ireland.apollo.olxcdn.com/v1/files/b1ke38w2915r3-PL/ |
18 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
dostawa-w.pl/assets/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
dostawa-w.pl/assets/ |
86 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
client.js
widget.replain.cc/dist/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
secure.62a90a.svg
dostawa-w.pl/assets/ |
1 KB 918 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac83mcP.png
i.imgur.com/ |
27 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.olx.pl/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.566b473c.css
widget.replain.cc/dist/css/ Frame 9FAF |
26 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.1d26bc86.js
widget.replain.cc/dist/js/ Frame 9FAF |
361 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
auth
app.replain.cc/ Frame |
0 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
auth
app.replain.cc/ Frame 9FAF |
320 B 952 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notification.ac905963.mp3
widget.replain.cc/dist/media/ Frame 9FAF |
24 KB 24 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lang-pl-json.78e2e897.js
widget.replain.cc/dist/js/ Frame 9FAF |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
160803532205363c3d1d84a216.jpg
storage.replain.cc/uploads/20201215/ Frame 9FAF |
30 KB 31 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
- Domain
- www.olx.pl
- URL
- https://www.olx.pl/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| replainSettings function| submit boolean| replainInitialized function| ReplainAPI4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dostawa-w.pl/ | Name: type Value: item |
|
dostawa-w.pl/ | Name: iloveyou Value: yes |
|
.dostawa-w.pl/ | Name: __ddg1 Value: 3xI7igag5uqBfhYF0wcg |
|
.dostawa-w.pl/ | Name: __cfduid Value: da584af78649e482c61fcec81227007651609878198 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.replain.cc
dostawa-w.pl
i.imgur.com
ireland.apollo.olxcdn.com
storage.replain.cc
widget.replain.cc
www.olx.pl
www.olx.pl
13.224.94.40
151.101.112.193
178.21.8.220
2606:4700:3035::6818:7d95
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d772b366288137eebfff14d9cff0ad0b81637492fb19e4f5446fe355ede21a4
2814284ac8f360b1b1f3d48434729fe6af9d867d27420bf16a086d25cbc1fdc1
2c3d150dcc38b57e953789481ffd4b7e8eb4ca531f8091f8a2a600aaff20a057
376d7167fc8be8c9744b35b7133e9f64c9de89dee3761ce0057587ce50e9ae55
3d158c5f6e8159fa5b8f06d803088c73999d660103065fd89e1ce38322bb7bf7
523fa7adb83efaa0aff4945df7ba169fb167b54dd096288d4371c20f615c02b9
786da29d71eeb4f968caf0b0d4bf9dba594d801fe61e2ae97acac1d11daf7a8a
7da5e162f6616a90b7969155f655efb6d472f9e20fac96bf37185cda7250fc3a
7dc130c23a37fd0c0ca123d95df1a1b96380f22effffb0c8175a1cc03a0d89a5
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
bd796cde1b0768d8abf34507c03d0230b92e70084ceda4787faa2633606b6474
bfe448d87e798cc455f65c1a62f2a5f4ade3f3f4146f0360cc68b1e79e54c65a
bffc353fcd98b8c3fd77fad0117dc6ce41ab85a046a60989f27b6d3d6bc63036
d29d3345cf4f562771b5b807bc898e977d32a63e49bb4b084dc86acae4597c1e
ebfea15327e85b3b10738c31a623f792091ee6e4e032d96b155585a16aad29be