olx-pl.cc
178.208.83.17
Malicious Activity!
Public Scan
Submission: On November 24 via api from PL
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 20th 2020. Valid for: a year.
This is the only time olx-pl.cc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)

Domain & IP information

Redirects | Requests | IP Address | Autonomous System |
---|---|---|---|
1 | 5 | 178.208.83.17 | 207384 (MCHOST-AS McHost LLC) |
 | 1 | 65.9.68.110 | 16509 (AMAZON-02) |
 | 8 | 13.226.159.126 | 16509 (AMAZON-02) |
 | 14 | 4 | |

ASN207384 (MCHOST-AS McHost LLC, Moscow, Russia, RU)
PTR: s13.h.mchost.ru
olx-pl.cc

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-126.dus51.r.cloudfront.net
static.olx.ua

Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | olx.ua | www.olx.ua, static.olx.ua | 159 KB |
5 | olx-pl.cc (1 redirects) | olx-pl.cc | 161 KB |
0 | Failed | Failed | |
14 | 3 | | |

Requests | Domain | Requested by |
---|---|---|
8 | static.olx.ua | olx-pl.cc |
5 | olx-pl.cc (1 redirects) | olx-pl.cc |
1 | www.olx.ua | olx-pl.cc |
0 | fhhdlnnepfjhlhilgmeepgkhjmhhhjkh (Failed) | olx-pl.cc |
14 | 4 | |

Subject | Issuer | Validity | Valid |
---|---|---|---|
olx-pl.cc | Sectigo RSA Domain Validation Secure Server CA | 2020-11-20 - 2021-11-21 | a year |
olx.ua | Amazon | 2020-03-16 - 2021-04-16 | a year |

This page contains 1 frames:
Primary Page:
https://olx-pl.cc/item/29736085895fbbd4a08f0e7
Frame ID: CDE54577A489329BC8E7C884F401118F
Requests: 14 HTTP requests in this frame
26 Outgoing links
These are links going to different origins than the main page.
Title: Dоdaj оgłоszenie
Title: Mój ОLX
Title: Aplikacje mоbilne ОLX.pl
Title: Pоmоc
Title: Wyróżniоne оgłоszenia
Title: Blоg
Title: Regulamin
Title: Pоlityka prywatnоści
Title: Reklama
Title: Biurо prasоwe
Title: Jak działa OLX.pl
Title: Zasady bezpieczeństwa
Title: Mapa kategorii
Title: Mapa miejscowości
Title: Popularne wyszukiwania
Title: Kariera
Title: Kody rabatowe
Title: w Google Play Pobierz w Google Play
Title: w AppStore Pobierz w AppStore
Title: w AppGallery Pobierz w AppGallery
Title: OLX.bg
Title: OLX.ro
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://olx-pl.cc/item/static/check.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F HTTP 302
- https://www.olx.ua/
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | 29736085895fbbd4a08f0e7 (Primary Request) | olx-pl.cc/item/ | 857 KB | 141 KB | Document | text/html |
GET | | detector.js | fhhdlnnepfjhlhilgmeepgkhjmhhhjkh/js/ | 0 | 0 | | |
GET | H2 | / (Redirect Chain) | www.olx.ua/ | 0 | 0 | Script | text/html |
GET | H2 | 30-512%20(1).png | olx-pl.cc/static/ | 6 KB | 7 KB | Image | image/png |
GET | H2 | boxberry.png | olx-pl.cc/static/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | 29736085895fbbd4a08f0e71606145190.jpg | olx-pl.cc/bot/img/ | 8 KB | 9 KB | Image | image/jpeg |
GET | H2 | 2f7d515ccf53e427f222999e9e6f453e1c.woff2 | static.olx.ua/static/olxua/packed/font/ | 42 KB | 42 KB | Font | application/octet-stream |
GET | H2 | 2f5da9077a4fd524bfa4a23e595fc41982.woff2 | static.olx.ua/static/olxua/packed/font/ | 42 KB | 43 KB | Font | application/octet-stream |
GET | H2 | 2f31b2e28c8a5ed8afb69bcc8851caea83.woff2 | static.olx.ua/static/olxua/packed/font/ | 14 KB | 15 KB | Font | application/octet-stream |
GET | H2 | 2f93d984f561637f78d1b86363c029781c.woff2 | static.olx.ua/static/olxua/packed/font/ | 42 KB | 42 KB | Font | application/octet-stream |
GET | H2 | 2fc9f37e6707acfc0e1255cec57c49a986.svg | static.olx.ua/static/olxua/packed/font/ | 6 KB | 3 KB | Image | image/svg+xml |
GET | H2 | 2fccd2faa9395d5faed1011516c64dc929.svg | static.olx.ua/static/olxua/packed/font/ | 8 KB | 4 KB | Image | image/svg+xml |
GET | H2 | 2f601b9bb08d8fa367b5341a761574c88b.svg | static.olx.ua/static/olxua/packed/font/ | 9 KB | 4 KB | Image | image/svg+xml |
GET | H2 | 2ff3db49aa88d9acd64ca43e1265bfd7bb.png | static.olx.ua/static/olxua/packed/img/ | 5 KB | 5 KB | Image | image/png |

Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: fhhdlnnepfjhlhilgmeepgkhjmhhhjkh
- URL: chrome-extension://fhhdlnnepfjhlhilgmeepgkhjmhhhjkh/js/detector.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- string| loggedUserId
- number| showPasswordBlock
- number| showPasswordBlockLevel
- object| observedNC
- function| sub

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.