www.securitypsd2.work Open in urlscan Pro
198.187.29.28 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.securitypsd2.work/info/index.php
Submission: On March 24 via manual (March 24th 2021, 4:54:45 pm UTC) from IT

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 198.187.29.28, located in United States and belongs to NAMECHEAP-NET, US. The main domain is www.securitypsd2.work.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 24th 2021. Valid for: a year.

This is the only time www.securitypsd2.work was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

	IP Address	AS Autonomous System
10	198.187.29.28 198.187.29.28	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	3.120.72.169 3.120.72.169	16509 (AMAZON-02) (AMAZON-02)
4	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
16	4

10 198.187.29.28 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server125-4.web-hosting.com

www.securitypsd2.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.72.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-72-169.eu-central-1.compute.amazonaws.com

bootstrap.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

widget-v2.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	securitypsd2.work www.securitypsd2.work	81 KB
4	smartsuppcdn.com widget-v2.smartsuppcdn.com	213 KB
2	smartsuppchat.com www.smartsuppchat.com bootstrap.smartsuppchat.com	8 KB
16	3

	Domain	Requested by
10	www.securitypsd2.work	www.securitypsd2.work
4	widget-v2.smartsuppcdn.com	www.smartsuppchat.com
1	bootstrap.smartsuppchat.com	www.smartsuppchat.com
1	www.smartsuppchat.com	www.securitypsd2.work
16	4

This site contains no links.

Subject Issuer	Validity	Valid
securitypsd2.work Sectigo RSA Domain Validation Secure Server CA	`2021-03-24` - `2022-03-24`	a year	crt.sh
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-02` - `2021-12-30`	a year	crt.sh
*.smartsuppcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-12-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.securitypsd2.work/info/index.php
Frame ID: 9CF66DF4E441DBB4007D086D7958C091
Requests: 13 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.9015c3b6.js
Frame ID: C0B15C7A08A519EB57F38602B6D943B9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

302 kB
Transfer

979 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.php Show response www.securitypsd2.work/info/	11 KB 2 KB	645ms 321ms	Document text/html	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / PHP/7.2.34 Resource Hash `6a0cdd31e615a40be4ab4ca5bd5d51fa7a2a1c30925ab2da2ed9088711d8e90f` Request headers :method GET :authority www.securitypsd2.work :scheme https :path /info/index.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT server Apache x-powered-by PHP/7.2.34 vary Accept-Encoding content-encoding gzip content-length 1960 content-type text/html; charset=UTF-8
GET H2	200	info.css www.securitypsd2.work/info/	2 KB 516 B	166ms 165ms	Stylesheet text/css	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.securitypsd2.work/info/info.css Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `97eeb3dfa47efa7aafbaf073eaf579b71c9ee1f885d4f7a070d8eeeb1114dd7e` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT content-encoding gzip last-modified Wed, 10 Feb 2021 08:10:24 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 373
GET H2	200	index.css www.securitypsd2.work/info/	48 KB 3 KB	168ms 167ms	Stylesheet text/css	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.securitypsd2.work/info/index.css Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `332fc5e3f71edeb87a18c7924f4c5c7bbe1a32cc5ed574ef3ea7b4f01522cdb5` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT content-encoding gzip last-modified Wed, 10 Feb 2021 08:10:24 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 3387
GET H2	200	jquery-3.4.1.min.js Show response www.securitypsd2.work/info/	86 KB 30 KB	309ms 308ms	Script application/javascript	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.securitypsd2.work/info/jquery-3.4.1.min.js Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 16:00:00 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 30677
GET H2	200	wb.validation.min.js Show response www.securitypsd2.work/info/	5 KB 2 KB	166ms 166ms	Script application/javascript	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.securitypsd2.work/info/wb.validation.min.js Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `8f8e56923bc181c0931f12a3dc8ed9b0d8b31da1677a2d0b2b30c806e7691afa` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 16:00:00 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1929
GET H2	200	cards.png www.securitypsd2.work/info/images/	24 KB 24 KB	304ms 304ms	Image image/png	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.securitypsd2.work/info/images/cards.png Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `5d23d098ed011a35b11dde8cf45e3110df0278d0219b46c11b462cb96f014e28` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT last-modified Wed, 10 Feb 2021 05:04:40 GMT server Apache accept-ranges bytes content-length 24153 content-type image/png
GET H2	200	555555555.PNG www.securitypsd2.work/info/images/	4 KB 4 KB	167ms 167ms	Image image/png	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.securitypsd2.work/info/images/555555555.PNG Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `742f6610b290a15741967b15ce7aed885187a652778ffa3e043186e9240eb8f0` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT last-modified Wed, 10 Feb 2021 04:35:16 GMT server Apache accept-ranges bytes content-length 3997 content-type image/png
GET H2	200	dddded.png www.securitypsd2.work/info/images/	6 KB 6 KB	169ms 169ms	Image image/png	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.securitypsd2.work/info/images/dddded.png Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `ae37203e459097921d3f7fc742c14de33a50430b86823a195460f844e2cea722` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT last-modified Wed, 10 Feb 2021 04:33:02 GMT server Apache accept-ranges bytes content-length 6453 content-type image/png
GET H2	200	666.PNG www.securitypsd2.work/info/images/	2 KB 2 KB	165ms 165ms	Image image/png	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.securitypsd2.work/info/images/666.PNG Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `d34f217c1ae477c4e2f3d091188c1af407a6d933aaf37af045060b7bba44357b` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT last-modified Wed, 10 Feb 2021 04:35:56 GMT server Apache accept-ranges bytes content-length 1752 content-type image/png
GET H2	200	logo-splash-msite.png www.securitypsd2.work/info/images/	7 KB 7 KB	169ms 169ms	Image image/png	198.187.29.28 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.securitypsd2.work/info/images/logo-splash-msite.png Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.187.29.28 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server125-4.web-hosting.com Software Apache / Resource Hash `e62e38d3cda262687803f85dcfeb47f8a8960e01a4f493475b95bf0be235481f` Request headers Referer https://www.securitypsd2.work/info/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 24 Mar 2021 16:54:29 GMT last-modified Wed, 10 Feb 2021 03:31:34 GMT server Apache accept-ranges bytes content-length 7123 content-type image/png
GET H2	200	loader.js Show response www.smartsuppchat.com/	21 KB 7 KB	101ms 28ms	Script application/javascript	2a02:6ea0:c700::1 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL https://www.smartsuppchat.com/loader.js? Requested by Host: www.securitypsd2.work URL: https://www.securitypsd2.work/info/index.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `0d17c2653e761f1126a917064534a4dcdc2ad5a8bd8d583ded616674299c14e3` Request headers Referer https://www.securitypsd2.work/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rywRsbTvHwAAAA== date Wed, 24 Mar 2021 16:54:29 GMT content-encoding br etag W/"5f741f43-522f" last-modified Wed, 30 Sep 2020 06:01:39 GMT server CDN77-Turbo x-77-nzt-ray RSrY1iEtHxM= x-77-cache HIT content-type application/javascript cache-control max-age=60 x-cache HIT x-age 31 x-77-pop frankfurtDE expires Wed, 24 Mar 2021 16:55:29 GMT
GET H2	200	958c6b03b241f55e415e9964dbc437c30571c6f8.json Show response bootstrap.smartsuppchat.com/widget/	720 B 964 B	252ms 23ms	XHR application/json	3.120.72.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bootstrap.smartsuppchat.com/widget/958c6b03b241f55e415e9964dbc437c30571c6f8.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.72.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-72-169.eu-central-1.compute.amazonaws.com Software / Resource Hash `d2773e2b9f7c75bb45ddcab6cef2bec5ca176f4e48cbf97bede173154d05b71b` Request headers Referer https://www.securitypsd2.work/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers x-version 87c08db96edbc2eef5837c31371d9132b3b8c4b5 date Wed, 24 Mar 2021 16:54:30 GMT x-hit redis etag "2d0-w9dlrOA67LbhHIGCDGsApVG/sAo" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control private, max-age=0, must-revalidate content-length 720
GET H2	200	asset-manifest.json Show response widget-v2.smartsuppcdn.com/	1 KB 629 B	117ms 32ms	XHR application/json	2a02:6ea0:c700::4 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/asset-manifest.json Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `4e9ca5f803ed21b3fd73d60bb42865026b4936860cddbe38b620701051d87c17` Request headers Referer https://www.securitypsd2.work/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers x-77-nzt AcO1rzU36TnvNAAAAA== date Wed, 24 Mar 2021 16:54:30 GMT content-encoding br etag W/"605b46c3-5f8" last-modified Wed, 24 Mar 2021 14:03:47 GMT server CDN77-Turbo x-77-nzt-ray Ejduisc1wyI= x-77-cache HIT content-type application/json access-control-allow-origin * cache-control max-age=300, public, s-maxage=60 x-cache HIT x-age 52 x-77-pop frankfurtDE expires Wed, 24 Mar 2021 14:51:33 GMT
GET H2	200	runtime-main.9015c3b6.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame C0B1	2 KB 1 KB	97ms 31ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/runtime-main.9015c3b6.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `b5508f6f33b952058df84ae8bf6496265f9d498c7dccb4fd806a3c4bd68f8a1c` Request headers Referer https://www.securitypsd2.work/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rzUm5N7v/R0AAA== date Wed, 24 Mar 2021 16:54:30 GMT content-encoding br etag W/"605b46c3-982" last-modified Wed, 24 Mar 2021 14:03:47 GMT server CDN77-Turbo x-77-nzt-ray Sf1aHz3JXc8= x-77-cache HIT content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable x-cache HIT x-age 7677 x-77-pop frankfurtDE expires Thu, 24 Mar 2022 14:46:33 GMT
GET H2	200	3.cfe41dd7.chunk.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame C0B1	655 KB 185 KB	160ms 95ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/3.cfe41dd7.chunk.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `bd48a199abdc6399e7571e7f2a712e2a55b1b1cdab4f519582ac08ca35b63249` Request headers Referer https://www.securitypsd2.work/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rzU4vsLv/R0AAA== date Wed, 24 Mar 2021 16:54:30 GMT content-encoding br etag W/"605b46c3-a3af2" last-modified Wed, 24 Mar 2021 14:03:47 GMT server CDN77-Turbo x-77-nzt-ray U+I+o+BV9F0= x-77-cache HIT content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable x-cache HIT x-age 7677 x-77-pop frankfurtDE expires Thu, 24 Mar 2022 14:46:33 GMT
GET H2	200	main.42faf620.chunk.js Show response widget-v2.smartsuppcdn.com/static/js/ Frame C0B1	105 KB 26 KB	214ms 149ms	Script application/javascript	2a02:6ea0:c700::4 CDN77 (^_^)/
General Check archive.org Show headers Download Go to Full URL https://widget-v2.smartsuppcdn.com/static/js/main.42faf620.chunk.js Requested by Host: www.smartsuppchat.com URL: https://www.smartsuppchat.com/loader.js? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB), Reverse DNS Software CDN77-Turbo / Resource Hash `c9a12f0f7c13c6b0d39e3bc04026f633fa08d81ceefa9174ccf9f6184a8d0e69` Request headers Referer https://www.securitypsd2.work/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-77-nzt AcO1rzXOzmbv/R0AAA== date Wed, 24 Mar 2021 16:54:30 GMT content-encoding br etag W/"605b46c3-1a269" last-modified Wed, 24 Mar 2021 14:03:47 GMT server CDN77-Turbo x-77-nzt-ray Bh/eYAOuXHE= x-77-cache HIT content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public, immutable x-cache HIT x-age 7677 x-77-pop frankfurtDE expires Thu, 24 Mar 2022 14:46:33 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bootstrap.smartsuppchat.com
widget-v2.smartsuppcdn.com
www.securitypsd2.work
www.smartsuppchat.com
198.187.29.28
2a02:6ea0:c700::1
2a02:6ea0:c700::4
3.120.72.169
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d17c2653e761f1126a917064534a4dcdc2ad5a8bd8d583ded616674299c14e3
332fc5e3f71edeb87a18c7924f4c5c7bbe1a32cc5ed574ef3ea7b4f01522cdb5
4e9ca5f803ed21b3fd73d60bb42865026b4936860cddbe38b620701051d87c17
5d23d098ed011a35b11dde8cf45e3110df0278d0219b46c11b462cb96f014e28
6a0cdd31e615a40be4ab4ca5bd5d51fa7a2a1c30925ab2da2ed9088711d8e90f
742f6610b290a15741967b15ce7aed885187a652778ffa3e043186e9240eb8f0
8f8e56923bc181c0931f12a3dc8ed9b0d8b31da1677a2d0b2b30c806e7691afa
97eeb3dfa47efa7aafbaf073eaf579b71c9ee1f885d4f7a070d8eeeb1114dd7e
ae37203e459097921d3f7fc742c14de33a50430b86823a195460f844e2cea722
b5508f6f33b952058df84ae8bf6496265f9d498c7dccb4fd806a3c4bd68f8a1c
bd48a199abdc6399e7571e7f2a712e2a55b1b1cdab4f519582ac08ca35b63249
c9a12f0f7c13c6b0d39e3bc04026f633fa08d81ceefa9174ccf9f6184a8d0e69
d2773e2b9f7c75bb45ddcab6cef2bec5ca176f4e48cbf97bede173154d05b71b
d34f217c1ae477c4e2f3d091188c1af407a6d933aaf37af045060b7bba44357b
e62e38d3cda262687803f85dcfeb47f8a8960e01a4f493475b95bf0be235481f

www.securitypsd2.work Open in urlscan Pro 198.187.29.28 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

302 kBTransfer

979 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

0 Cookies

Indicators

www.securitypsd2.work Open in urlscan Pro
198.187.29.28 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

302 kB
Transfer

979 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!