pl.olxdelivery.com Open in urlscan Pro
94.154.129.50 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pl.olxdelivery.com/pay/158207459625
Effective URL:
https://pl.olxdelivery.com/pay/158207459625
Submission: On April 04 via manual (April 4th 2021, 8:31:18 pm UTC) from PL

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 30 HTTP transactions. The main IP is 94.154.129.50, located in Victoria, Seychelles and belongs to LANDGARD-AS, GB. The main domain is pl.olxdelivery.com.
TLS certificate: Issued by R3 on March 16th 2021. Valid for: 3 months.

This is the only time pl.olxdelivery.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OLX Group (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1 14	94.154.129.50 94.154.129.50	44015 (LANDGARD-AS) (LANDGARD-AS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	176.126.172.116 176.126.172.116	203053 (CLAUSWEB) (CLAUSWEB)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	3.120.72.169 3.120.72.169	16509 (AMAZON-02) (AMAZON-02)
4	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
30	9

14 94.154.129.50 (Victoria, Seychelles) 1 redirects

ASN44015 (LANDGARD-AS, GB)

pl.olxdelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.126.172.116 (Galati, Romania)

ASN203053 (CLAUSWEB, RO)
PTR: cw176-abf-agb116.romania-webhosting.com

www.romaniajournal.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

www.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.72.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-72-169.eu-central-1.compute.amazonaws.com

bootstrap.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

widget-v2.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	olxdelivery.com 1 redirects pl.olxdelivery.com	183 KB
7	bootstrapcdn.com maxcdn.bootstrapcdn.com	21 KB
4	smartsuppcdn.com widget-v2.smartsuppcdn.com	214 KB
2	smartsuppchat.com www.smartsuppchat.com bootstrap.smartsuppchat.com	9 KB
1	gstatic.com encrypted-tbn0.gstatic.com	2 KB
1	romaniajournal.ro www.romaniajournal.ro	36 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
1	googleapis.com ajax.googleapis.com	30 KB
30	8

	Domain	Requested by
14	pl.olxdelivery.com	1 redirects pl.olxdelivery.com
7	maxcdn.bootstrapcdn.com	pl.olxdelivery.com
4	widget-v2.smartsuppcdn.com	www.smartsuppchat.com
1	bootstrap.smartsuppchat.com	www.smartsuppchat.com
1	www.smartsuppchat.com	pl.olxdelivery.com
1	encrypted-tbn0.gstatic.com	pl.olxdelivery.com
1	www.romaniajournal.ro	pl.olxdelivery.com
1	cdnjs.cloudflare.com	pl.olxdelivery.com
1	ajax.googleapis.com	pl.olxdelivery.com
30	9

This site contains no links.

Subject Issuer	Validity	Valid
pl.olxdelivery.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
www.romaniajournal.ro GoGetSSL RSA DV CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-02` - `2021-12-30`	a year	crt.sh
*.smartsuppcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-12-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://pl.olxdelivery.com/pay/158207459625
Frame ID: 2A746460E3212908609CD67E3B6BDE29
Requests: 27 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.1f6e870a.js
Frame ID: A54F7D1CB120396AC393B90D167E0644
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pl.olxdelivery.com/pay/158207459625 HTTP 307
https://pl.olxdelivery.com/pay/158207459625 Page URL

Page Statistics

30
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

498 kB
Transfer

2387 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pl.olxdelivery.com/pay/158207459625 HTTP 307
https://pl.olxdelivery.com/pay/158207459625 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 158207459625 Show response
pl.olxdelivery.com/pay/
Redirect Chain

http://pl.olxdelivery.com/pay/158207459625
https://pl.olxdelivery.com/pay/158207459625

596 KB
68 KB

381ms
349ms

Document
text/html

94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

c85a5685c0c8d6ba0cf0fb33bbe296297c402fbe57f2ab03afa23e988ab3a433

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: pl.olxdelivery.com
:scheme: https
:path: /pay/158207459625
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __ddg1=8fbP0D0CdRI0veM7THJ4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: ddos-guard
date: Sun, 04 Apr 2021 20:31:02 GMT
content-type: text/html; charset=utf-8
etag: W/"94fb8-kPOu5rMNU5PKRf/cs3zvGlt7hRM"
strict-transport-security: max-age=604800
content-encoding: br
vary: Accept-Encoding

Redirect headers

Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1=8fbP0D0CdRI0veM7THJ4; Domain=.olxdelivery.com; HttpOnly; Path=/; Expires=Mon, 04-Apr-2022 20:31:01 GMT
Date: Sun, 04 Apr 2021 20:31:01 GMT
Content-Type: text/html; charset=utf8
Location: https://pl.olxdelivery.com/pay/158207459625
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 06:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138121
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Apr 2022 06:09:01 GMT

GET
H2 200 jquery.maskedinput.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ 10 KB
3 KB 19ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2074741
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2306
cf-request-id: 09402e00ac00004a56b690e000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-284d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EBLK88r%2B1sbR53R6OlA20ZBCJ7SYA69R25Ce8q%2FbAiqYEhalkYj%2F47bdj1oXZQOiouFrr09RVia83TVKMxiL1uHinkRhywkpjIfo10AsoVngSWnAoIHlYO3AAa0W9s2XZg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63ad4c477ada4a56-FRA
expires: Fri, 25 Mar 2022 20:31:02 GMT

GET
H2 200 cpg_waiter.css
pl.olxdelivery.com/pay/pay_files/ 2 KB
473 B 174ms
172ms Stylesheet
text/css 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/cpg_waiter.css

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

1862c9880175fa8efd1f4dbbe1b6b259da83e4347c93d17f02cd9291baac4300

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:04 GMT
server: ddos-guard
age: 1
etag: W/"62a-1782be88ce0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 jquery.selectBox.css
pl.olxdelivery.com/pay/pay_files/ 4 KB
999 B 155ms
152ms Stylesheet
text/css 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/jquery.selectBox.css

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

0c0155e4a44465b078d9d27b0942265f4da2728b2c0d5ca8cde6c33dcc08daee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:05 GMT
server: ddos-guard
age: 0
etag: W/"e7c-1782be890c8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 pay-card.css
pl.olxdelivery.com/pay/pay_files/ 595 KB
54 KB 289ms
287ms Stylesheet
text/css 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/pay-card.css

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

b5ccfb8a280bf080e1ca7b495e00bb24dad5a8c5568462a345788284d3d808e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:04 GMT
server: ddos-guard
age: 1
etag: W/"94a4e-1782be88ce0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 es5-shim.min.js Show response
pl.olxdelivery.com/pay/pay_files/ 25 KB
8 KB 208ms
206ms Script
application/javascript 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/es5-shim.min.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:05 GMT
server: ddos-guard
age: 0
etag: W/"636d-1782be890c8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 jquery.selectBox.min.js Show response
pl.olxdelivery.com/pay/pay_files/ 15 KB
4 KB 202ms
200ms Script
application/javascript 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/jquery.selectBox.min.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

618a29f18c179437af17595089d0d588424fec6fa965582b95658dbd0912c824

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:04 GMT
server: ddos-guard
age: 0
etag: W/"3ddd-1782be88ce0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 rb.js Show response
pl.olxdelivery.com/pay/pay_files/ 402 B
275 B 166ms
164ms Script
application/javascript 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/rb.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

7fd84b8efa2c65b91c8f7fe2961bc1d2bb771a4f778df55660e60c7bb9072f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:04 GMT
server: ddos-guard
age: 1
etag: W/"192-1782be88ce0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 common.js Show response
pl.olxdelivery.com/pay/pay_files/ 2 KB
858 B 171ms
169ms Script
application/javascript 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/common.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

ec26f9815468cf50679868ae50993420ab25b686be16b1b8d89c3706d00a0bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:04 GMT
server: ddos-guard
age: 0
etag: W/"8df-1782be88ce0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 cpg_waiter.js Show response
pl.olxdelivery.com/pay/pay_files/ 14 KB
4 KB 157ms
155ms Script
application/javascript 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/cpg_waiter.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

71f3ef549efada6191a4dfdc9f49350e812fe499b8836c5232120d924f7777cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:05 GMT
server: ddos-guard
age: 1
etag: W/"37e3-1782be890c8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 standard_waiter.js Show response
pl.olxdelivery.com/pay/pay_files/ 8 KB
2 KB 178ms
176ms Script
application/javascript 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl.olxdelivery.com/pay/pay_files/standard_waiter.js

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

12deefa8218c829188d170c77c49fe8996f9d5410ee40aa50164fb318ba64d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
last-modified: Sat, 13 Mar 2021 14:06:05 GMT
server: ddos-guard
age: 0
etag: W/"1eaf-1782be890c8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
strict-transport-security: max-age=604800
accept-ranges: bytes

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
21 KB 23ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617
age: 2163805
cdn-cachedat: 2021-03-10 20:26:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09402e00ae00004ed3c481f000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6a4f2f387aa5625ea1abf31efff1b763
cf-ray: 63ad4c477c174ed3-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 404 _buttons.scss
maxcdn.bootstrapcdn.com/bootstrap/scss/ 0
0 366ms
364ms Stylesheet
text/html 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/scss/_buttons.scss
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 _reboot.scss
maxcdn.bootstrapcdn.com/bootstrap/scss/ 0
0 27ms
26ms Stylesheet
text/html 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/scss/_reboot.scss
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 _modal.scss
maxcdn.bootstrapcdn.com/bootstrap/scss/ 0
0 25ms
23ms Stylesheet
text/html 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/scss/_modal.scss
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 loader.gif
pl.olxdelivery.com/pay/pay_files/ 3 KB
3 KB 163ms
163ms Image
image/gif 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pl.olxdelivery.com/pay/pay_files/loader.gif

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

b1f4b2b5014d5a60523c88dbdd44c2a453c56009c7ce7e6ef37ae6380c8157ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
last-modified: Sat, 13 Mar 2021 14:06:05 GMT
server: ddos-guard
age: 0
etag: W/"c7f-1782be890c8"
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3199

GET
H2 200 OLX_Rebranding.png
www.romaniajournal.ro/wp-content/uploads/2020/04/ 35 KB
36 KB 158ms
51ms Image
image/png 176.126.172.116
CLAUSWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.romaniajournal.ro/wp-content/uploads/2020/04/OLX_Rebranding.png
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.126.172.116 Galati, Romania, ASN203053 (CLAUSWEB, RO),
Reverse DNS: cw176-abf-agb116.romania-webhosting.com
Software: ClausWeb-nginx /
Resource Hash: bffc353fcd98b8c3fd77fad0117dc6ce41ab85a046a60989f27b6d3d6bc63036

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:02 GMT
last-modified: Wed, 15 Apr 2020 12:06:02 GMT
server: ClausWeb-nginx
etag: "5e96f8aa-8d60"
content-type: image/png
cache-control: max-age=864000, max-age=864000
accept-ranges: bytes
content-length: 36192

GET
H2 200 confirm.jpg
pl.olxdelivery.com/ 37 KB
37 KB 196ms
196ms Image
image/jpeg 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pl.olxdelivery.com/confirm.jpg

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),

Reverse DNS

Software

ddos-guard /

Resource Hash

6f89040fe20f30418d7b861165c536a6c77c86d8a4bd15a9a27f3909f33b2e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:03 GMT
last-modified: Sat, 13 Mar 2021 14:05:52 GMT
server: ddos-guard
age: 0
etag: W/"9331-1782be85e00"
strict-transport-security: max-age=604800
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 37681

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 2 KB
2 KB 34ms
13ms Image
image/png 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT5gehXh8NYPjg_H3S8ealcJIhsSACeJi-rJw&usqp=CAU

Requested by

Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce53740de345840361c675748bb2faf91d23096ba590b990783c010cd9345264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 31 Aug 2019 06:56:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1821
x-xss-protection: 0
expires: Mon, 04 Apr 2022 20:31:03 GMT

GET
H2 404 _buttons.scss
maxcdn.bootstrapcdn.com/bootstrap/scss/ 0
0 13ms
12ms Stylesheet
text/html 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/scss/_buttons.scss
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 _reboot.scss
maxcdn.bootstrapcdn.com/bootstrap/scss/ 0
0 16ms
16ms Stylesheet
text/html 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/scss/_reboot.scss
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 _modal.scss
maxcdn.bootstrapcdn.com/bootstrap/scss/ 0
0 20ms
20ms Stylesheet
text/html 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/scss/_modal.scss
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 404 youla-mobile-icons.svg
pl.olxdelivery.com/pay/ 9 B
111 B 144ms
144ms Image
text/plain 94.154.129.50
LANDGARD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pl.olxdelivery.com/pay/youla-mobile-icons.svg
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.154.129.50 Victoria, Seychelles, ASN44015 (LANDGARD-AS, GB),
Reverse DNS
Software: ddos-guard /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Referer: https://pl.olxdelivery.com/pay/158207459625
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: gzip
server: ddos-guard
age: 0
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 loader.js Show response
www.smartsuppchat.com/ 21 KB
7 KB 98ms
29ms Script
application/javascript 2a02:6ea0:c700::3
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://www.smartsuppchat.com/loader.js?
Requested by: Host: pl.olxdelivery.com
URL: https://pl.olxdelivery.com/pay/158207459625
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0d17c2653e761f1126a917064534a4dcdc2ad5a8bd8d583ded616674299c14e3

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzLyIonvIwAAAA==
date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: br
etag: W/"5f741f43-522f"
last-modified: Wed, 30 Sep 2020 06:01:39 GMT
server: CDN77-Turbo
x-77-nzt-ray: nnU9aLladXY=
x-77-cache: HIT
content-type: application/javascript
cache-control: max-age=60
x-cache: HIT
x-age: 35
x-77-pop: frankfurtDE
expires: Sun, 04 Apr 2021 20:32:03 GMT

GET
H2 200 792cefafd20ee074b446aac8b4cd35e513a44606.json Show response
bootstrap.smartsuppchat.com/widget/ 8 KB
3 KB 90ms
45ms XHR
application/json 3.120.72.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.smartsuppchat.com/widget/792cefafd20ee074b446aac8b4cd35e513a44606.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.72.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-72-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: fe0d2070b0650c949e96a6ff804be976c3f3a3d6c8ab100253bd2b43b6df6cfb

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 87c08db96edbc2eef5837c31371d9132b3b8c4b5
date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: br
x-hit: redis
etag: "20f1-73dnCkOGD9aUNNDN+c4wPHJRiY8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate

GET
H2 200 asset-manifest.json Show response
widget-v2.smartsuppcdn.com/ 1 KB
634 B 101ms
34ms XHR
application/json 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/asset-manifest.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5a33c07b0f4d4d445fc1c3c0b1f6de26475abe54b9648a653e0bf633252d09c5

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AcO1rzUC+vzvGAAAAA==
date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: br
etag: W/"6065bdf9-5f8"
last-modified: Thu, 01 Apr 2021 12:35:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: 9wK8Bs1rOuM=
x-77-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300, public, s-maxage=60
x-cache: HIT
x-age: 24
x-77-pop: frankfurtDE
expires: Thu, 01 Apr 2021 13:09:27 GMT

GET
H2 200 runtime-main.1f6e870a.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame A54F 2 KB
1 KB 115ms
45ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.1f6e870a.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 42bef8a1c0b349f74a67922fd8043197994f7e7fb81b99e8b09f3fc8a4f77bff

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzW6XGzv8lwEAA==
date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: br
etag: W/"6065bdf9-982"
last-modified: Thu, 01 Apr 2021 12:35:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: 5DPJcou9fAo=
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: HIT
x-age: 285938
x-77-pop: frankfurtDE
expires: Mon, 04 Apr 2022 20:31:03 GMT

GET
H2 200 3.60fdb476.chunk.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame A54F 660 KB
186 KB 187ms
117ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/3.60fdb476.chunk.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6db48a16bc1163bab7b56e9f36e40c07048cc1fd9ab9132d7b30ed7b976e6f11

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzU6ZDbvNF0EAA==
date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: br
etag: W/"6065bdf9-a4f8a"
last-modified: Thu, 01 Apr 2021 12:35:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: EX3Q1njYVu4=
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
x-cache: HIT
x-age: 286004
x-77-pop: frankfurtDE
expires: Fri, 01 Apr 2022 13:04:19 GMT

GET
H2 200 main.d8cd5cd9.chunk.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame A54F 104 KB
26 KB 225ms
155ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/main.d8cd5cd9.chunk.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a55e338300024ec7d47ccdbcafa496a1fa700749a6d2f515c604a3fe278758d5

Request headers

Referer: https://pl.olxdelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzVWN6bv91wEAA==
date: Sun, 04 Apr 2021 20:31:03 GMT
content-encoding: br
etag: W/"6065bdf9-1a199"
last-modified: Thu, 01 Apr 2021 12:35:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: piXsmLu2tZo=
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: HIT
x-age: 285943
x-77-pop: frankfurtDE
expires: Mon, 04 Apr 2022 20:31:03 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pl.olxdelivery.com/	1970-01-20 02:05:04	Name: __ddgid Value: je17WAFYakIWM1zR
.pl.olxdelivery.com/	1970-01-19 17:20:54	Name: __ddgmark Value: K6jfuit0LNoQ49Fd
.olxdelivery.com/	1970-01-20 02:05:04	Name: __ddg1 Value: 8fbP0D0CdRI0veM7THJ4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bootstrap.smartsuppchat.com
cdnjs.cloudflare.com
encrypted-tbn0.gstatic.com
maxcdn.bootstrapcdn.com
pl.olxdelivery.com
widget-v2.smartsuppcdn.com
www.romaniajournal.ro
www.smartsuppchat.com
176.126.172.116
2606:4700::6810:125e
2606:4700::6812:acf
2a00:1450:4001:803::200e
2a00:1450:4001:827::200a
2a02:6ea0:c700::3
2a02:6ea0:c700::4
3.120.72.169
94.154.129.50
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c0155e4a44465b078d9d27b0942265f4da2728b2c0d5ca8cde6c33dcc08daee
0d17c2653e761f1126a917064534a4dcdc2ad5a8bd8d583ded616674299c14e3
12deefa8218c829188d170c77c49fe8996f9d5410ee40aa50164fb318ba64d8e
1862c9880175fa8efd1f4dbbe1b6b259da83e4347c93d17f02cd9291baac4300
42bef8a1c0b349f74a67922fd8043197994f7e7fb81b99e8b09f3fc8a4f77bff
5a33c07b0f4d4d445fc1c3c0b1f6de26475abe54b9648a653e0bf633252d09c5
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
618a29f18c179437af17595089d0d588424fec6fa965582b95658dbd0912c824
6db48a16bc1163bab7b56e9f36e40c07048cc1fd9ab9132d7b30ed7b976e6f11
6f89040fe20f30418d7b861165c536a6c77c86d8a4bd15a9a27f3909f33b2e2d
71f3ef549efada6191a4dfdc9f49350e812fe499b8836c5232120d924f7777cc
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
7fd84b8efa2c65b91c8f7fe2961bc1d2bb771a4f778df55660e60c7bb9072f9f
a55e338300024ec7d47ccdbcafa496a1fa700749a6d2f515c604a3fe278758d5
b1f4b2b5014d5a60523c88dbdd44c2a453c56009c7ce7e6ef37ae6380c8157ff
b5ccfb8a280bf080e1ca7b495e00bb24dad5a8c5568462a345788284d3d808e5
bffc353fcd98b8c3fd77fad0117dc6ce41ab85a046a60989f27b6d3d6bc63036
c85a5685c0c8d6ba0cf0fb33bbe296297c402fbe57f2ab03afa23e988ab3a433
ce53740de345840361c675748bb2faf91d23096ba590b990783c010cd9345264
ec26f9815468cf50679868ae50993420ab25b686be16b1b8d89c3706d00a0bf2
f04e08b36e901f46c3e765a8429701f91fed71642da73942a23af26d477b331a
fe0d2070b0650c949e96a6ff804be976c3f3a3d6c8ab100253bd2b43b6df6cfb

pl.olxdelivery.com Open in urlscan Pro 94.154.129.50 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

30 Requests

100 %HTTPS

67 %IPv6

8 Domains

9 Subdomains

9 IPs

4 Countries

498 kBTransfer

2387 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pl.olxdelivery.com Open in urlscan Pro
94.154.129.50 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

498 kB
Transfer

2387 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!