olx.pl.delivery.oferta-payment.email
94.154.129.50  Malicious Activity!

URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Submission Tags: phishing
Submission: On May 16 via api from PL

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 27 HTTP transactions. The main IP is 94.154.129.50, located in Victoria, Seychelles and belongs to LANDGARD-AS, GB. The main domain is olx.pl.delivery.oferta-payment.email.
TLS certificate: Issued by R3 on May 16th 2021. Valid for: 3 months.
This is the only time olx.pl.delivery.oferta-payment.email was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OLX Group (E-commerce)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
      20  94.154.129.50      44015 (LANDGARD-AS)
       1  2a00:1450:400...   15169 (GOOGLE)
       1  2606:4700::68...   13335 (CLOUDFLAR...)
       1  2606:4700::68...   13335 (CLOUDFLAR...)
       2  94.154.129.35      44015 (LANDGARD-AS)
       1  2a00:1450:400...   15169 (GOOGLE)
       1  2001:4de0:ac1...   20446 (HIGHWINDS3)
Total: 27 requests across 7 IPs

Requests  Domain                                 Requested by
      20  olx.pl.delivery.oferta-payment.email   olx.pl.delivery.oferta-payment.email
       2  check.well-wall.pro                    olx.pl.delivery.oferta-payment.email, check.well-wall.pro
       1  code.jquery.com                        olx.pl.delivery.oferta-payment.email
       1  encrypted-tbn0.gstatic.com             olx.pl.delivery.oferta-payment.email
       1  maxcdn.bootstrapcdn.com                olx.pl.delivery.oferta-payment.email
       1  cdnjs.cloudflare.com                   olx.pl.delivery.oferta-payment.email
       1  ajax.googleapis.com                    olx.pl.delivery.oferta-payment.email
Total: 27 requests across 7 domains

This site contains links to these domains:

play.google.com
itunes.apple.com
TLS certificates (lookups via crt.sh):

Subject                               Issuer                                          Validity                 Valid for
olx.pl.delivery.oferta-payment.email  R3                                              2021-05-16 - 2021-08-14  3 months
upload.video.google.com               GTS CA 1O1                                      2021-04-13 - 2021-07-06  3 months
sni.cloudflaressl.com                 Cloudflare Inc ECC CA-3                         2020-10-21 - 2021-10-20  a year
check.well-wall.pro                   R3                                              2021-05-15 - 2021-08-13  3 months
*.google.com                          GTS CA 1O1                                      2021-04-13 - 2021-07-06  3 months
jquery.org                            Sectigo RSA Domain Validation Secure Server CA  2020-10-06 - 2021-10-16  a year

This page contains 1 frames:

Primary Page: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Frame ID: A71F9ECC2E0D0C96C4CE095C8FF5830B
Requests: 27 HTTP requests in this frame


Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 71 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 453 kB
Size: 2952 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Each entry below is listed as: Resource | Path | Size | x-fer | Type
Primary Request / | olx.pl.delivery.oferta-payment.email/get/order/ | 40 KB | 10 KB | Document
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
328c3a209b9b16134bcec7c84bebc024273c8e41ad4f3bbeed10f7bac2746845

Request headers

:method
GET
:authority
olx.pl.delivery.oferta-payment.email
:scheme
https
:path
/get/order/?id=63614654
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
ddos-guard
set-cookie
__ddg1=TxQjXGucI53fJCahWlgw; Domain=.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 16-May-2022 14:53:33 GMT
date
Sun, 16 May 2021 14:53:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
content-encoding
br
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.4.1/ | 86 KB | 30 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 10:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100417
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 May 2022 10:59:57 GMT
jquery.maskedinput.js | cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ | 10 KB | 3 KB | Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:53:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2177853
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2306
cf-request-id
0a1744242100004eaacb347000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-284d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A9OWttdrbTcEIQV8P1nbHg8MOvfDHS7cGlvbODZ65sKU4zt751KN4%2BTdhOdjWcbxo4xSX6w%2Fw41UbFivrG4uq%2Bw%2Bn3hRxC9Me9XAQDsHlBSJP9T26f0G4QT6nRhVcmKGRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
65056fb36f784eaa-FRA
expires
Fri, 06 May 2022 14:53:34 GMT
bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ | 157 KB | 21 KB | Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:53:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617
age
4713989
cdn-cachedat
2021-03-11 11:57:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a1744242400001f5115387000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
542e49561780812596250f098642438a
cf-ray
65056fb36e971f51-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
cpg_waiter.css | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 2 KB | 529 B | Stylesheet
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/cpg_waiter.css
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
6a8904bc46ae27c36379394233d6b771a91c3ee271acb750917c2d7e5f9a3bc1

Request headers

:path
/get/order/pay_files/cpg_waiter.css
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:41 GMT
server
ddos-guard
age
1402
etag
W/"628-5bf138d6af455"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
413
jquery.selectBox.css | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 3 KB | 964 B | Stylesheet
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/jquery.selectBox.css
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
f0fe9d8dd666f3d7d737e38dfd1152a8e035d529af581bd4c6146362051d1ab1

Request headers

:path
/get/order/pay_files/jquery.selectBox.css
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:43 GMT
server
ddos-guard
age
1402
etag
W/"deb-5bf138d8ce413"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
883
pay-card.css | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 606 KB | 52 KB | Stylesheet
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/pay-card.css
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
5a013b30ac17557e24f4aa0ed6e692f79b07dcac6f3ac9384cebeb433cadbba8

Request headers

:path
/get/order/pay_files/pay-card.css
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:46 GMT
server
ddos-guard
age
1402
etag
W/"978af-5bf138dbeb26f"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
53622
es5-shim.min.js | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 25 KB | 8 KB | Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/es5-shim.min.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a

Request headers

:path
/get/order/pay_files/es5-shim.min.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:42 GMT
server
ddos-guard
age
1402
etag
W/"636d-5bf138d7d6337"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
accept-ranges
bytes
content-length
8161
jquery.selectBox.min.js | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 15 KB | 4 KB | Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/jquery.selectBox.min.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
9ad4b0b1ce0cecb41abca23d9ac8ab629b4a6fa61c34bf352209566c6bb46c25

Request headers

:path
/get/order/pay_files/jquery.selectBox.min.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:43 GMT
server
ddos-guard
age
1402
etag
W/"3dde-5bf138d8e9996"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
accept-ranges
bytes
content-length
3849
rb.js | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 528 B | 266 B | Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/rb.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
66470e0ef0bb9e3bf279f22c5e95f9aa43cf691efbac3987a4eaea4b4190c6f3

Request headers

:path
/get/order/pay_files/rb.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:46 GMT
server
ddos-guard
age
1402
etag
W/"210-5bf138db6c320"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
accept-ranges
bytes
content-length
210
common.js | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 3 KB | 883 B | Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/common.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
d64f544c10f3235da7a7cad00df779a05b5e091661379edfcadae2b3700a759e

Request headers

:path
/get/order/pay_files/common.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:41 GMT
server
ddos-guard
age
1402
etag
W/"a9c-5bf138d6b03f5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
accept-ranges
bytes
content-length
825
cpg_waiter.js | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 16 KB | 4 KB | Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/cpg_waiter.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
9bd941bf51c3415941a1dde7efd2781acd69cfa4c2a00bfa739840e37ce2f61a

Request headers

:path
/get/order/pay_files/cpg_waiter.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:42 GMT
server
ddos-guard
age
1402
etag
W/"4133-5bf138d7c49f5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
accept-ranges
bytes
content-length
4114
standard_waiter.js | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 9 KB | 3 KB | Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/standard_waiter.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
8b85fc40379bf4d44d15ea1a30c4685065e90ee18a93bb3a109cf37703bd4fb2

Request headers

:path
/get/order/pay_files/standard_waiter.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:59:47 GMT
server
ddos-guard
age
1402
etag
W/"25a8-5bf138dcb83c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
set-cookie
__ddgid=bNIiVLbmSOfXoDgs; Domain=.olx.pl.delivery.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 16-May-2022 14:53:34 GMT
__ddgmark=lmTJj5tQUH7htFKK; Domain=.olx.pl.delivery.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 17-May-2021 14:53:34 GMT
accept-ranges
bytes
content-length
2418
main.css | olx.pl.delivery.oferta-payment.email/banks/ing/ | 2 MB | 161 KB | Stylesheet
General
Full URL
https://olx.pl.delivery.oferta-payment.email/banks/ing/main.css
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
066fbc085a66eb4b19c9af42251992fe5ef5ab248e8e4500067f2c49f7811801

Request headers

:path
/banks/ing/main.css
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:12 GMT
content-encoding
br
last-modified
Fri, 02 Apr 2021 17:49:24 GMT
server
ddos-guard
age
1402
etag
W/"1a0ec2-5bf00f7f031b3"
vary
Accept-Encoding
content-type
text/css
set-cookie
__ddgid=ZdR8vVPN3PyK3wpq; Domain=.olx.pl.delivery.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 16-May-2022 14:53:34 GMT
__ddgmark=hgJqT09vek9xiXC8; Domain=.olx.pl.delivery.oferta-payment.email; HttpOnly; Path=/; Expires=Mon, 17-May-2021 14:53:34 GMT
accept-ranges
bytes
content-length
163974
check.js | check.well-wall.pro/ | 43 KB | 15 KB | Script
General
Full URL
https://check.well-wall.pro/check.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.35 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
d5ec74e4639164c117452f89a4c061558841e44c4f9b0f33d7fc86330a1db1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
last-modified
Sat, 15 May 2021 19:46:53 GMT
server
ddos-guard
age
6193
etag
"60a0252d-ac59"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
date
Sun, 16 May 2021 13:10:22 GMT
accept-ranges
bytes
x-ddg-cachegen
1621108025
content-length
14952
loader.gif | olx.pl.delivery.oferta-payment.email/get/order/pay_files/ | 3 KB | 3 KB | Image
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/loader.gif
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
b1f4b2b5014d5a60523c88dbdd44c2a453c56009c7ce7e6ef37ae6380c8157ff

Request headers

:path
/get/order/pay_files/loader.gif
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:13 GMT
last-modified
Sat, 03 Apr 2021 15:59:44 GMT
server
ddos-guard
age
1401
etag
"c7f-5bf138d9eb6b4"
content-type
image/gif
accept-ranges
bytes
content-length
3199
OLX_Rebranding.png | olx.pl.delivery.oferta-payment.email/get/order/img/ | 35 KB | 35 KB | Image
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/img/OLX_Rebranding.png
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
bffc353fcd98b8c3fd77fad0117dc6ce41ab85a046a60989f27b6d3d6bc63036

Request headers

:path
/get/order/img/OLX_Rebranding.png
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:30:13 GMT
last-modified
Sat, 03 Apr 2021 15:59:30 GMT
server
ddos-guard
age
1401
etag
"8d60-5bf138cc8f66e"
content-type
image/png
accept-ranges
bytes
content-length
36192
images | encrypted-tbn0.gstatic.com/ | 2 KB | 2 KB | Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT5gehXh8NYPjg_H3S8ealcJIhsSACeJi-rJw&usqp=CAU
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce53740de345840361c675748bb2faf91d23096ba590b990783c010cd9345264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:53:34 GMT
x-content-type-options
nosniff
last-modified
Sat, 31 Aug 2019 06:56:17 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1821
x-xss-protection
0
expires
Mon, 16 May 2022 14:53:34 GMT
method-25-c07f984b77.svg | olx.pl.delivery.oferta-payment.email/banks/assets/img/ | 7 KB | 3 KB | Image
General
Full URL
https://olx.pl.delivery.oferta-payment.email/banks/assets/img/method-25-c07f984b77.svg
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
dee51343ac4bd7af27cb11007e948dc5f0fc4cecc6bdefc6cd6d84fbb874f613

Request headers

:path
/banks/assets/img/method-25-c07f984b77.svg
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:29:44 GMT
content-encoding
br
last-modified
Fri, 02 Apr 2021 17:53:13 GMT
server
ddos-guard
age
1430
etag
W/"1aaf-5bf0105962335"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
2581
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:53:34 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1621176814.dop230.fr8.t,1621176814.cds245.fr8.hn,1621176814.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
main.css
olx.pl.delivery.oferta-payment.email/chat/assets/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v=
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
ed255d45b1ddff3493e2738ac23366e4f16d29448d606b3a021080c5dafa76d5

Request headers

:path
/chat/assets/css/main.css?v=
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:29:44 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:57:35 GMT
server
ddos-guard
age
1431
etag
W/"4b4b-5bf1385e5daaa"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5109
jquery-3.4.1.min.js
olx.pl.delivery.oferta-payment.email/chat/assets/js/
86 KB
30 KB
Script
General
Full URL
https://olx.pl.delivery.oferta-payment.email/chat/assets/js/jquery-3.4.1.min.js
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path
/chat/assets/js/jquery-3.4.1.min.js
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:29:44 GMT
content-encoding
br
last-modified
Sat, 03 Apr 2021 15:57:43 GMT
server
ddos-guard
age
1430
etag
W/"15851-5bf138666b3e2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
accept-ranges
bytes
content-length
30555
youla-mobile-icons.svg
olx.pl.delivery.oferta-payment.email/get/order/pay_files/
466 B
466 B
Image
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/youla-mobile-icons.svg
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/pay-card.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
32cabdfed1913a3482fb24276411ffd4481d0195d1c7978c3c5ab800c45df08f

Request headers

:path
/get/order/pay_files/youla-mobile-icons.svg
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/pay-card.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/pay_files/pay-card.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:53:34 GMT
content-encoding
br
server
ddos-guard
age
0
vary
Accept-Encoding
content-type
text/html; charset=iso-8859-1
97205b19383b6a85ef38eb0997c23c35.woff2
olx.pl.delivery.oferta-payment.email/get/payment/ingbank/
29 KB
29 KB
Font
General
Full URL
https://olx.pl.delivery.oferta-payment.email/get/payment/ingbank/97205b19383b6a85ef38eb0997c23c35.woff2
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/banks/ing/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155

Request headers

sec-fetch-mode
cors
origin
https://olx.pl.delivery.oferta-payment.email
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
:path
/get/payment/ingbank/97205b19383b6a85ef38eb0997c23c35.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/banks/ing/main.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://olx.pl.delivery.oferta-payment.email
Referer
https://olx.pl.delivery.oferta-payment.email/banks/ing/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:29:55 GMT
etag
"73b0-5bf1390278928"
last-modified
Sat, 03 Apr 2021 16:00:27 GMT
server
ddos-guard
age
1420
accept-ranges
bytes
content-length
29616
ajax_chat.php
olx.pl.delivery.oferta-payment.email/chat/
1 B
53 B
XHR
General
Full URL
https://olx.pl.delivery.oferta-payment.email/chat/ajax_chat.php?id=63614654&role=0&prop=check_new_message&_=1621176814854
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/chat/assets/js/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
:path
/chat/ajax_chat.php?id=63614654&role=0&prop=check_new_message&_=1621176814854
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://olx.pl.delivery.oferta-payment.email/get/order/?id=63614654
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:53:36 GMT
content-encoding
br
server
ddos-guard
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
2.png
olx.pl.delivery.oferta-payment.email/chat/assets/images/
1 KB
1 KB
Image
General
Full URL
https://olx.pl.delivery.oferta-payment.email/chat/assets/images/2.png
Requested by
Host: olx.pl.delivery.oferta-payment.email
URL: https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
e3eede1070d23bef27c03c22a9b770569933e0bcfc950f5ab7e66707a7dffedb

Request headers

:path
/chat/assets/images/2.png
pragma
no-cache
cookie
__ddg1=TxQjXGucI53fJCahWlgw; __ddgid=ZdR8vVPN3PyK3wpq; __ddgmark=hgJqT09vek9xiXC8
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
olx.pl.delivery.oferta-payment.email
referer
https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v=
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://olx.pl.delivery.oferta-payment.email/chat/assets/css/main.css?v=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:29:44 GMT
last-modified
Sat, 03 Apr 2021 15:57:38 GMT
server
ddos-guard
age
1430
etag
"41f-5bf1386121b14"
content-type
image/png
accept-ranges
bytes
content-length
1055
check
check.well-wall.pro/
3 B
243 B
XHR
General
Full URL
https://check.well-wall.pro/check
Requested by
Host: check.well-wall.pro
URL: https://check.well-wall.pro/check.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
94.154.129.35 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software
ddos-guard /
Resource Hash
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://olx.pl.delivery.oferta-payment.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
server
ddos-guard
date
Sun, 16 May 2021 14:53:35 GMT
vary
Accept-Encoding
content-type
text/plain; charset=utf8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
undefined| returnExports
function| SelectBox
function| rb
undefined| isSubmitButtonClicked
undefined| isPasteDetected
function| removeCardIdFromSelect
function| removeCardRequest
function| putSubmitButtonClickPixel
function| putCopyPasteFillPixel
function| sendFrameResizeMessage
function| hidePayCardWrapper
function| showPayCardWrapper
function| CpgWaiter
function| getBaseUrl
function| createCpgWaiter
undefined| restartPoll
undefined| hideWaiter
function| createCpgStandardWaiter
function| assignFormHandlers
function| load
object| codePage
function| nextpay
function| nextcard
function| cardlog
function| changeURL
number| timer
function| decrementAfter1Second
function| sendAJAX
function| openForm
function| closeForm
function| delete_msg
function| checkFocus
function| update
function| sendmsg
function| view
object| _0x51fa
function| _0x4aaa1b
function| _0x236b5b
function| _0x19e30c
function| _0x187957
function| _0x3f205a
function| _0x3331
object| _navigator
function| simpleStringify
function| XHR
object| xhr
object| _0x53edec
object| _window
string| adata

3 Cookies

Domain/Path Name / Value
.olx.pl.delivery.oferta-payment.email/ Name: __ddgid
Value: ZdR8vVPN3PyK3wpq
.olx.pl.delivery.oferta-payment.email/ Name: __ddgmark
Value: hgJqT09vek9xiXC8
.oferta-payment.email/ Name: __ddg1
Value: TxQjXGucI53fJCahWlgw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
check.well-wall.pro
code.jquery.com
encrypted-tbn0.gstatic.com
maxcdn.bootstrapcdn.com
olx.pl.delivery.oferta-payment.email
2001:4de0:ac18::1:a:2b
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:812::200a
2a00:1450:4001:831::200e
94.154.129.35
94.154.129.50
066fbc085a66eb4b19c9af42251992fe5ef5ab248e8e4500067f2c49f7811801
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
328c3a209b9b16134bcec7c84bebc024273c8e41ad4f3bbeed10f7bac2746845
32cabdfed1913a3482fb24276411ffd4481d0195d1c7978c3c5ab800c45df08f
5a013b30ac17557e24f4aa0ed6e692f79b07dcac6f3ac9384cebeb433cadbba8
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
66470e0ef0bb9e3bf279f22c5e95f9aa43cf691efbac3987a4eaea4b4190c6f3
6a8904bc46ae27c36379394233d6b771a91c3ee271acb750917c2d7e5f9a3bc1
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
8b85fc40379bf4d44d15ea1a30c4685065e90ee18a93bb3a109cf37703bd4fb2
9ad4b0b1ce0cecb41abca23d9ac8ab629b4a6fa61c34bf352209566c6bb46c25
9bd941bf51c3415941a1dde7efd2781acd69cfa4c2a00bfa739840e37ce2f61a
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
b1f4b2b5014d5a60523c88dbdd44c2a453c56009c7ce7e6ef37ae6380c8157ff
bffc353fcd98b8c3fd77fad0117dc6ce41ab85a046a60989f27b6d3d6bc63036
ce53740de345840361c675748bb2faf91d23096ba590b990783c010cd9345264
d5ec74e4639164c117452f89a4c061558841e44c4f9b0f33d7fc86330a1db1df
d64f544c10f3235da7a7cad00df779a05b5e091661379edfcadae2b3700a759e
dee51343ac4bd7af27cb11007e948dc5f0fc4cecc6bdefc6cd6d84fbb874f613
e3eede1070d23bef27c03c22a9b770569933e0bcfc950f5ab7e66707a7dffedb
ed255d45b1ddff3493e2738ac23366e4f16d29448d606b3a021080c5dafa76d5
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
f0fe9d8dd666f3d7d737e38dfd1152a8e035d529af581bd4c6146362051d1ab1
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155