olligaffrending.shop
104.21.38.68  Malicious Activity! Public Scan

URL: https://olligaffrending.shop/paragons/7798822
Submission: On February 21 via manual from PL — Scanned from PL

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 17 HTTP transactions. The main IP is 104.21.38.68, which belongs to CLOUDFLARENET, US. The main domain is olligaffrending.shop.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.
This is the only time olligaffrending.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OLX Group (E-commerce)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
7         104.21.38.68     13335 (CLOUDFLAR...)
5         169.150.242.140  60068 (CDN77 ^_^)
1         52.222.149.12    16509 (AMAZON-02)
1         104.16.88.20     13335 (CLOUDFLAR...)
1         18.192.59.1      16509 (AMAZON-02)
1         185.180.12.13    60068 (CDN77 ^_^)
1         35.156.159.219   16509 (AMAZON-02)
Total: 17 requests across 7 IPs
Requests  Apex Domain (subdomains, Cisco Umbrella Rank)  Transfer
7         olligaffrending.shop  206 KB
            olligaffrending.shop
5         smartsuppcdn.com  194 KB
            widget-v2.smartsuppcdn.com (rank 47751)
            translations.smartsuppcdn.com (rank 53100)
2         smartsuppchat.com  6 KB
            www.smartsuppchat.com (rank 48250)
            bootstrap.smartsuppchat.com (rank 43478)
1         smartsupp.com  230 B
            websocket-visitors.smartsupp.com (rank 38384)
1         jsdelivr.net  2 KB
            cdn.jsdelivr.net (rank 346)
1         olxcdn.com  47 KB
            ireland.apollo.olxcdn.com (rank 51523)
Total: 17 requests across 6 apex domains
Requests  Domain                            Requested by
7         olligaffrending.shop              olligaffrending.shop
4         widget-v2.smartsuppcdn.com        www.smartsuppchat.com
1         websocket-visitors.smartsupp.com  widget-v2.smartsuppcdn.com
1         translations.smartsuppcdn.com     widget-v2.smartsuppcdn.com
1         bootstrap.smartsuppchat.com       www.smartsuppchat.com
1         cdn.jsdelivr.net                  olligaffrending.shop
1         ireland.apollo.olxcdn.com         olligaffrending.shop
1         www.smartsuppchat.com             olligaffrending.shop
Total: 17 requests across 8 subdomains

This site contains no links.

TLS certificates

Subject: sni.cloudflaressl.com
Issuer: Cloudflare Inc ECC CA-3
Validity: 2023-02-17 to 2024-02-16 (a year)

Subject: *.smartsuppchat.com
Issuer: RapidSSL Global TLS RSA4096 SHA256 2022 CA1
Validity: 2022-11-30 to 2023-12-29 (a year)

Subject: apollo.olxcdn.com
Issuer: Amazon
Validity: 2022-12-19 to 2024-01-17 (a year)

Subject: *.smartsuppcdn.com
Issuer: RapidSSL Global TLS RSA4096 SHA256 2022 CA1
Validity: 2022-10-19 to 2023-11-19 (a year)

Subject: *.smartsupp.com
Issuer: Amazon RSA 2048 M01
Validity: 2023-02-14 to 2023-11-22 (9 months)

This page contains 2 frames:

Primary Page: https://olligaffrending.shop/paragons/7798822
Frame ID: E1D6D6F8485FA88802683A7E9971DFD4
Requests: 12 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.476fedce.js
Frame ID: 36CB0C57C67AE9BFB03242D73683476A
Requests: 5 HTTP requests in this frame

Page Title

Hello, I have Gillette Venus razor cartridges for sale • OLX.pl (original Polish title: "Witam mam do sprzedania wkłady do maszynki Gillette Venus • OLX.pl")

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 5
Transfer: 455 kB
Size: 944 kB
Cookies: 2

17 HTTP transactions

Columns: Resource, Path, Size, x-fer (transferred size), Type, MIME-Type
Primary Request: 7798822
Path: olligaffrending.shop/paragons/
Size: 29 KB (7 KB transferred)
Type: Document
General
Full URL: https://olligaffrending.shop/paragons/7798822
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare / PHP/7.4.28
Resource Hash: 9c47e5fc563487681e91f24b350b187293a6192f93ed00c47e8da353c7cb4154

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79ce8782af85bf4e-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 21 Feb 2023 09:42:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BQVJ293lp1FViYsT3XuPgLViTv2u5HD1rs%2BJyTl3lmWF9Om0iQ2d0%2BoKH8zS6XYOGv5TlVcuGO5NN40wCNses30qkLEGrgiZTJs%2FnlHf3NsxGcaw%2F8byKu2ABIDzRHqCzTKuayMoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.28
loader.js
Path: www.smartsuppchat.com/
Size: 19 KB (6 KB transferred)
Type: Script
General
Full URL: https://www.smartsuppchat.com/loader.js?
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 169.150.242.140, Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB)
Reverse DNS: 522967484.zag.cdn77.com
Software: CDN77-Turbo
Resource Hash: 827004400366298b1c2019b75c57558f2d1618bc0b27bbd2b8e03df251cfc3db

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://olligaffrending.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop
zagrebHR
date
Tue, 21 Feb 2023 09:42:06 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
14
x-77-nzt
AamW8opLAcr/DgAAAA
x-accel-expires
@1676972572
last-modified
Wed, 28 Dec 2022 13:18:33 GMT
server
CDN77-Turbo
etag
W/"63ac4229-4b9b"
x-77-nzt-ray
bcd92b1f14723315ee91f46327001d17
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300, public, s-maxage=60
expires
Wed, 28 Dec 2022 13:25:20 GMT
logo.png
Path: olligaffrending.shop/core/
Size: 36 KB (36 KB transferred)
Type: Image
General
Full URL: https://olligaffrending.shop/core/logo.png
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: fb0177173d8f93fcb350f13ad1a6ee742b53498ba68bc35285adfb5d6c06503f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://olligaffrending.shop/paragons/7798822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 11:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6906
etag
"6308afc2-8fa3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k52rHQ6wUYnJpHaz1Gtq4SjRI5hvqp37BCk6BVeSI9i6AgeLKzIxwQotY84EiOXKqScB1Fvj9uEM4UoVXkZsGAPiKTJQV6Jj9YtAxmLEITo5Ep1YlDX3QPhqXpEQEAJQ2QrEHNJ0Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79ce87b10d23bf4e-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36771
image
Path: ireland.apollo.olxcdn.com/v1/files/q1uo1mxgshy22-PL/
Size: 47 KB (47 KB transferred)
Type: Image
General
Full URL: https://ireland.apollo.olxcdn.com/v1/files/q1uo1mxgshy22-PL/image
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 52.222.149.12, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-52-222-149-12.cdg52.r.cloudfront.net
Software:
Resource Hash: efe5322e12ac3733e15e8b9894e19d9a5f40039a2881136e01b0cd65b85d44be

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://olligaffrending.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 08:17:26 GMT
via
1.1 280bb21cc570c951a4ab6ce0d284fba4.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 08:17:26 GMT
x-amz-cf-pop
CDG52-P1
x-trace
23fbfe3e-ee24-4775-90a6-c3ec850f6d81
etag
"q1uo1mxgshy22-PL"
age
5080
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
public,max-age=604800
content-length
47932
x-amz-cf-id
kT__0mPULzlbG94Tb1gciS_TfnspltuOvfHiu2K-rlQ7mVwfcgKw6w==
30-512.png
Path: olligaffrending.shop/core/
Size: 14 KB (15 KB transferred)
Type: Image
General
Full URL: https://olligaffrending.shop/core/30-512.png
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 8d718f6db4a594b303fe0c91b20ea4b65a43f2097eb4a1bb957bd9ea8ad32709

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://olligaffrending.shop/paragons/7798822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 11:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6906
etag
"6308afc2-394d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3Py7vUc4Fa0Y4LEuQfHe7aHBJx2%2Frf5NwNl1swLnEhgmx%2FIQfsxSeO4T7%2F0oB0Qw20QUCnNp5ezBgTdJIKsS0DK1BnQYHqv63fTxEN6MhKF3MrQSbFky8A8cmRt9D%2BV5lwo2mQoZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79ce87b10d25bf4e-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14669
delivery.png
Path: olligaffrending.shop/core/
Size: 27 KB (28 KB transferred)
Type: Image
General
Full URL: https://olligaffrending.shop/core/delivery.png
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 376d7167fc8be8c9744b35b7133e9f64c9de89dee3761ce0057587ce50e9ae55

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://olligaffrending.shop/paragons/7798822
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 11:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
861
etag
"6308afc2-6dc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4B3PjwMMqxUPJOcBu2pCVvFbaYWX8F1kAPJ8hNu44mUNfjN7R5MKWvbGq%2Fc%2FhPErW8XChZi4ZHE46bXZgnpzBu4lrmKEMjiP1Pc61oyJp19pwhwE0fR0KEXchA%2F3FRVdCo7Kl7D7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79ce87b10d26bf4e-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28100
geomanist-book-webfont.d5d4a23a5.woff2
Path: olligaffrending.shop/core/
Size: 38 KB (38 KB transferred)
Type: Font
General
Full URL: https://olligaffrending.shop/core/geomanist-book-webfont.d5d4a23a5.woff2
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: fc39f851983d4444b388add70267b4283c47f5c4355a93e1f78ddc48bff95d9e

Request headers

Referer
https://olligaffrending.shop/paragons/7798822
Origin
https://olligaffrending.shop
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 11:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6408
etag
"97ec-5e7234be806ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRC%2Brw3wtzjnNrwpjI1WOClq%2FBAShAbJdiGVXOWah%2FCiWhZg9wSab%2B%2B2I%2FEHnKKn8x3QTkQtOw%2F1SjXI04V61DHoO88Rmdhg3isUIkf3LBngTrRnb2BAoZxKisE4LhEG1HMHoDJr9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79ce87b10d27bf4e-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38892
geomanist-regular-webfont.c77609a0d.woff2
Path: olligaffrending.shop/core/
Size: 40 KB (41 KB transferred)
Type: Font
General
Full URL: https://olligaffrending.shop/core/geomanist-regular-webfont.c77609a0d.woff2
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: af4f961e7e1ec157d82b3edcc1c81973ba6ce63bb37195f40f6cfc6c49ef1fc2

Request headers

Referer
https://olligaffrending.shop/paragons/7798822
Origin
https://olligaffrending.shop
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 11:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6906
etag
"a184-5e7234be81264"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uB%2FzN9kksEAh%2BFU%2FhTbnJ5y8AysYm%2F6Iz6DKQg9thi9Lt8GvFrc7iP74Q3Od3IxZjYJfwKmHLWe9%2FSAGsGWPAUHdCPzi6H8nz%2BBGclDfbSMa3ILML8E8wWR58VMv0f1gNCFju4rQLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79ce87b10d28bf4e-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41348
geomanist-medium-webfont.29927b8df.woff2
Path: olligaffrending.shop/core/
Size: 41 KB (41 KB transferred)
Type: Font
General
Full URL: https://olligaffrending.shop/core/geomanist-medium-webfont.29927b8df.woff2
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.21.38.68, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 08b69a642d0ba403a8098ddda12141345c469ef44ceabf4adfa3b5a46177f0b9

Request headers

Referer
https://olligaffrending.shop/paragons/7798822
Origin
https://olligaffrending.shop
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
cf-cache-status
HIT
last-modified
Fri, 26 Aug 2022 11:34:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6906
etag
"a224-5e7234be80e7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AOJj%2FH2aiCTYTURJnzM11LoE3vaM8GwPT%2Bus1QG3VMVvT3WmYqOb7GGH9RC3LGNp09YDEqPcW36aQ9Louh9oBKjrV3xHxnJ4740cfltxZCDCeJdanPleQhxOmD8NQoxcG%2F1qjbjxg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
79ce87b10d29bf4e-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
41508
console-ban.min.js
Path: cdn.jsdelivr.net/gh/fz6m/console-ban@3.2/dist/
Size: 2 KB (2 KB transferred)
Type: Script
General
Full URL: https://cdn.jsdelivr.net/gh/fz6m/console-ban@3.2/dist/console-ban.min.js
Requested by: olligaffrending.shop (https://olligaffrending.shop/paragons/7798822)
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.16.88.20, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://olligaffrending.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 09:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2230073
x-jsd-version
3.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19145-FRA, cache-yyz4538-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"8ce-rBbf1wQ6Tb7A/GSLU5dCC5872DY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vF26oy7CoLtLMycKNdQCM9KIeNBPUSeXi%2BtOEQolSohRKyP55g%2ByWtJcehiBEStP%2BdqZIYVLgsrJWFRtGUVjrV1uPVkUNaSsXFBZTIrSwzolk6tCREId6MQsCH3tRDPh8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
79ce87b178eb1624-WAW
c176d641919963a1df034857f6961859e3b97b86.json
Path: bootstrap.smartsuppchat.com/widget/
Size: 1 KB (652 B transferred)
Type: XHR
General
Full URL: https://bootstrap.smartsuppchat.com/widget/c176d641919963a1df034857f6961859e3b97b86.json
Requested by: www.smartsuppchat.com (https://www.smartsuppchat.com/loader.js?)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.59.1, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-18-192-59-1.eu-central-1.compute.amazonaws.com
Software:
Resource Hash: 79c6aca948c8224aa3f18e70e5291ae7bed6c96b04ebee0079a173c735b99fee

Request headers

Referer
https://olligaffrending.shop/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

x-version
b320280dbaf559c71e48a1dd6c0a783124d40cac
date
Tue, 21 Feb 2023 09:42:06 GMT
content-encoding
br
x-hit
redis
etag
"478-CQgSz3zXdlY+no+K06HiH0qwkqY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=0, must-revalidate
asset-manifest.json
Path: widget-v2.smartsuppcdn.com/
Size: 2 KB (760 B transferred)
Type: XHR
General
Full URL: https://widget-v2.smartsuppcdn.com/asset-manifest.json
Requested by: www.smartsuppchat.com (https://www.smartsuppchat.com/loader.js?)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 169.150.242.140, Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB)
Reverse DNS: 522967484.zag.cdn77.com
Software: CDN77-Turbo
Resource Hash: 3c22a548522722679df65b3fe11b4852396ccd5a3684f611d7980738c50464fc

Request headers

Referer
https://olligaffrending.shop/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

x-77-pop
zagrebHR
date
Tue, 21 Feb 2023 09:42:06 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
48
x-77-nzt
AamW8oqrDFb/MAAAAA
x-accel-expires
@1676972538
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-6ce"
x-77-nzt-ray
bcd92b1ff7837315ee91f4630a04162d
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300, public, s-maxage=60
expires
Mon, 13 Feb 2023 09:26:40 GMT
runtime-main.476fedce.js
Path: widget-v2.smartsuppcdn.com/static/js/ (Frame 36CB)
Size: 2 KB (2 KB transferred)
Type: Script
General
Full URL: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.476fedce.js
Requested by: www.smartsuppchat.com (https://www.smartsuppchat.com/loader.js?)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 169.150.242.140, Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB)
Reverse DNS: 522967484.zag.cdn77.com
Software: CDN77-Turbo
Resource Hash: 36699b912ca380a373d5de1978a2055e6112c7727e6b5041d66a77a6be407b50

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop
zagrebHR
date
Tue, 21 Feb 2023 09:42:06 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
692426
x-77-nzt
AamW8orjYhP/ypAKAA
x-accel-expires
@1707816100
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-9bd"
x-77-nzt-ray
bcd92b1fc2719e15ee91f463970fb836
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 13 Feb 2024 09:21:40 GMT
6.80b8e19c.chunk.js
Path: widget-v2.smartsuppcdn.com/static/js/ (Frame 36CB)
Size: 525 KB (159 KB transferred)
Type: Script
General
Full URL: https://widget-v2.smartsuppcdn.com/static/js/6.80b8e19c.chunk.js
Requested by: www.smartsuppchat.com (https://www.smartsuppchat.com/loader.js?)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 169.150.242.140, Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB)
Reverse DNS: 522967484.zag.cdn77.com
Software: CDN77-Turbo
Resource Hash: f4123664f2a6fb1437f5dae6df0748307b6baa8243c11fe364ddc8f409556575

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop
zagrebHR
date
Tue, 21 Feb 2023 09:42:06 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
692426
x-77-nzt
AamW8opyXH7/ypAKAA
x-accel-expires
@1707816100
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-8338c"
x-77-nzt-ray
bcd92b1fc2719e15ee91f4636c69dc36
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 13 Feb 2024 09:21:40 GMT
main.3c944932.chunk.js
Path: widget-v2.smartsuppcdn.com/static/js/ (Frame 36CB)
Size: 115 KB (30 KB transferred)
Type: Script
General
Full URL: https://widget-v2.smartsuppcdn.com/static/js/main.3c944932.chunk.js
Requested by: www.smartsuppchat.com (https://www.smartsuppchat.com/loader.js?)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 169.150.242.140, Zagreb, Croatia, ASN60068 (CDN77 ^_^, GB)
Reverse DNS: 522967484.zag.cdn77.com
Software: CDN77-Turbo
Resource Hash: 6fd15847073c063cb948b5cc2e9a1bc5976392aef4d50b9434bd50a61da59405

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop
zagrebHR
date
Tue, 21 Feb 2023 09:42:06 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
692426
x-77-nzt
AamW8oqlvNf/ypAKAA
x-accel-expires
@1707816100
last-modified
Mon, 13 Feb 2023 08:33:32 GMT
server
CDN77-Turbo
etag
W/"63e9f5dc-1cc88"
x-77-nzt-ray
bcd92b1fc2719e15ee91f4633f1bbd36
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable
expires
Tue, 13 Feb 2024 09:21:40 GMT
defaults
Path: translations.smartsuppcdn.com/api/v1/widget/translations/lang/pl/ (Frame 36CB)
Size: 5 KB (3 KB transferred)
Type: Fetch
General
Full URL: https://translations.smartsuppcdn.com/api/v1/widget/translations/lang/pl/defaults
Requested by: widget-v2.smartsuppcdn.com (https://widget-v2.smartsuppcdn.com/static/js/6.80b8e19c.chunk.js)
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 185.180.12.13, Vienna, Austria, ASN60068 (CDN77 ^_^, GB)
Reverse DNS: vienna-10.cdn77.com
Software: CDN77-Turbo
Resource Hash: 336e266b251ceb3ae538e0ac94af5ea36d7246e75757ddaf437c90c69589c804

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop
viennaAT
x-version
2fefdafa7314ff74acc69bb54f560135bbd664e1
date
Tue, 21 Feb 2023 09:42:07 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
311
x-response-time
0ms
x-77-nzt
Abm0DAYBoG//NwEAAA
x-accel-expires
@1676972816
server
CDN77-Turbo
x-77-nzt-ray
fefc880d3bfee6dbef91f46305ad9215
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
acquire
Path: websocket-visitors.smartsupp.com/balancer/ (Frame 36CB)
Size: 76 B (230 B transferred)
Type: Fetch
General
Full URL: https://websocket-visitors.smartsupp.com/balancer/acquire
Requested by: widget-v2.smartsuppcdn.com (https://widget-v2.smartsuppcdn.com/static/js/6.80b8e19c.chunk.js)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.159.219, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-35-156-159-219.eu-central-1.compute.amazonaws.com
Software:
Resource Hash: 7430e0e9d7ec9c87182ef6d025d4ee158489710ad550d886591fe67cfbc23634

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
x-version
70253112abbe85f179c466b00670462138c47060
date
Tue, 21 Feb 2023 09:42:07 GMT
content-length
76
vary
Origin
content-type
application/json; charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • credentialless (boolean)
  • oncontentvisibilityautostatechange (object)
  • _smartsupp (object)
  • smartsupp (function)
  • ConsoleBan (object)
  • SMARTSUPP_LOADED (boolean)
  • $smartsupp (object)

2 Cookies

Domain/Path            Name          Value
olligaffrending.shop/  ssupp.vid     vihMChQemPJqt
olligaffrending.shop/  ssupp.visits  1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstrap.smartsuppchat.com
cdn.jsdelivr.net
ireland.apollo.olxcdn.com
olligaffrending.shop
translations.smartsuppcdn.com
websocket-visitors.smartsupp.com
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
104.16.88.20
104.21.38.68
169.150.242.140
18.192.59.1
185.180.12.13
35.156.159.219
52.222.149.12
08b69a642d0ba403a8098ddda12141345c469ef44ceabf4adfa3b5a46177f0b9
336e266b251ceb3ae538e0ac94af5ea36d7246e75757ddaf437c90c69589c804
36699b912ca380a373d5de1978a2055e6112c7727e6b5041d66a77a6be407b50
376d7167fc8be8c9744b35b7133e9f64c9de89dee3761ce0057587ce50e9ae55
3c22a548522722679df65b3fe11b4852396ccd5a3684f611d7980738c50464fc
6fd15847073c063cb948b5cc2e9a1bc5976392aef4d50b9434bd50a61da59405
7430e0e9d7ec9c87182ef6d025d4ee158489710ad550d886591fe67cfbc23634
79c6aca948c8224aa3f18e70e5291ae7bed6c96b04ebee0079a173c735b99fee
827004400366298b1c2019b75c57558f2d1618bc0b27bbd2b8e03df251cfc3db
8d718f6db4a594b303fe0c91b20ea4b65a43f2097eb4a1bb957bd9ea8ad32709
9c47e5fc563487681e91f24b350b187293a6192f93ed00c47e8da353c7cb4154
af4f961e7e1ec157d82b3edcc1c81973ba6ce63bb37195f40f6cfc6c49ef1fc2
c3172f40c0b891c351a8844aa979038ea8c00e3f755cb7521617095e2758c165
efe5322e12ac3733e15e8b9894e19d9a5f40039a2881136e01b0cd65b85d44be
f4123664f2a6fb1437f5dae6df0748307b6baa8243c11fe364ddc8f409556575
fb0177173d8f93fcb350f13ad1a6ee742b53498ba68bc35285adfb5d6c06503f
fc39f851983d4444b388add70267b4283c47f5c4355a93e1f78ddc48bff95d9e