![](/screenshots/f02fa0b2-1494-4353-a1df-44ad39a9f90b.png)
polska-olx.id54954.xyz
Open in
urlscan Pro
2606:4700:3035::6815:5ed6
Malicious Activity!
Public Scan
Submission: On March 08 via manual from PL — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.
This is the only time polska-olx.id54954.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 2606:4700:303... 2606:4700:3035::6815:5ed6 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.224.89.129 13.224.89.129 | 16509 (AMAZON-02) (AMAZON-02) | |
20 | 2 |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-129.zrh50.r.cloudfront.net
ireland.apollo.olxcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
id54954.xyz
polska-olx.id54954.xyz |
355 KB |
1 |
olxcdn.com
ireland.apollo.olxcdn.com — Cisco Umbrella Rank: 79296 |
32 KB |
20 | 2 |
Domain | Requested by | |
---|---|---|
19 | polska-olx.id54954.xyz |
polska-olx.id54954.xyz
|
1 | ireland.apollo.olxcdn.com |
polska-olx.id54954.xyz
|
20 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.olx.pl |
blogolxpl.com |
help.olx.pl |
www.olxgroup.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-03-07 - 2023-03-06 |
a year | crt.sh |
apollo.olxcdn.com Amazon |
2022-01-18 - 2023-02-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://polska-olx.id54954.xyz/cash18502551
Frame ID: 588C7BA8AB3878763122E8B93A5954DD
Requests: 20 HTTP requests in this frame
16 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Dodaj ogłoszenie
Search URL Search Domain Scan URL
Title: OLX blog
Search URL Search Domain Scan URL
Title: aplikacje mobilne
Search URL Search Domain Scan URL
Title: Pomóż i skontaktuj się z nami
Search URL Search Domain Scan URL
Title: Reklamy promocyjne
Search URL Search Domain Scan URL
Title: Ogólne warunki
Search URL Search Domain Scan URL
Title: Polityka prywatności
Search URL Search Domain Scan URL
Title: Polityka Cookies
Search URL Search Domain Scan URL
Title: Kariera w OLX
Search URL Search Domain Scan URL
Title: Jak to działa?
Search URL Search Domain Scan URL
Title: Wskazówki dotyczące bezpieczeństwa
Search URL Search Domain Scan URL
Title: Mapa kategorii
Search URL Search Domain Scan URL
Title: Reklamy według miast
Search URL Search Domain Scan URL
Title: Popularne wyszukiwania
Search URL Search Domain Scan URL
Title: Ustawienia plików cookies
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
cash18502551
polska-olx.id54954.xyz/ |
48 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-star.png
polska-olx.id54954.xyz/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-star2.png
polska-olx.id54954.xyz/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.svg
polska-olx.id54954.xyz/ |
596 B 649 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image;s=1008x567
ireland.apollo.olxcdn.com/v1/files/i3iys6415diq2-PL/ |
31 KB 32 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inpostlogo.png
polska-olx.id54954.xyz/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shield.svg
polska-olx.id54954.xyz/ |
1 KB 968 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
maeschb.svg
polska-olx.id54954.xyz/ |
8 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
visachb.svg
polska-olx.id54954.xyz/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mastercardchb.svg
polska-olx.id54954.xyz/ |
7 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pcichb.svg
polska-olx.id54954.xyz/ |
12 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
googleplay.png
polska-olx.id54954.xyz/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
appstore.png
polska-olx.id54954.xyz/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
operator-img.png
polska-olx.id54954.xyz/ |
123 KB 123 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footerimg.png
polska-olx.id54954.xyz/ |
43 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
chap.png
polska-olx.id54954.xyz/ |
476 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
sendopen.php
polska-olx.id54954.xyz/ |
0 505 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
opencheck.php
polska-olx.id54954.xyz/ |
1 B 513 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
support.php
polska-olx.id54954.xyz/ |
174 B 669 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
operator-img.png
polska-olx.id54954.xyz/ |
123 KB 123 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| supportbutton object| supportwindow object| docdoc object| chatscroll object| smstosupbutton object| msgtext function| ajaxsup function| sendmsg function| opencheck function| openwrite function| readwrite function| startsup1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
polska-olx.id54954.xyz/ | Name: 0800fc577294c34e0b28ad2839435945 Value: ZDU5NzZjMjA5OGIxODYzYTJjNDJmN2M2ODE5MGNhMjc%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ireland.apollo.olxcdn.com
polska-olx.id54954.xyz
13.224.89.129
2606:4700:3035::6815:5ed6
0012f324e28708731bed0824bc714355716366969a7923a4dfd459ac706dda22
085767c601c94fe98ab84cad622851ad093c8217a36e3805160263c6775b54b7
0db41e0da28b282b360aaa81b65c074dc668a488ae1a8e65578b765e3bc0a8f8
15bdd71972f139de1b9407934fdd8f76edc132392caee1735063f8b50a252ee8
17fad708e0fc018963efe9296061c6bc64dcb111d075220af41e34bf3027e3c3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
605aac984310730e834d3d0ff1321af8248e4e6d7b7e69725d4772eccab6bbbe
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3
7ac4c13bfff904e6827af45a89e3897729b12ab3670268a9c894e14418223051
840616d5d2769feb21b5dde49a506b4202fc4ee7f463807b018cdd0a47bf2f10
8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4
9f83c900591d31a599654aabf8938f87915c1417450fe19ba5d684f1dd45ff46
aa6044198fcc92a93e5f95823147d9edc0dc4408906a9e3585981752b6bba4e4
b16e3ade0e2cffbf6e7cb085471e82d7fa6448e06732c5c89fcf8fcb85254ad4
d052aaa1ea1ab5c149c656fbd3a9e162336ef22561e61f979c187387d3a3454f
d238f5c19781f77c3c695759cdf808e4f50593adbf5eed12ba58becc00525d48
d6c2d9118e9ac47e1b68b93cf52632be59b3f3f496127cc63635b0fbd969a10f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b