safety-ogloszenia.org
Open in
urlscan Pro
2a00:f940:2:2:1:1:0:51
Malicious Activity!
Public Scan
Submission: On July 22 via api from FR
Summary
TLS certificate: Issued by R3 on July 20th 2021. Valid for: 3 months.
This is the only time safety-ogloszenia.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: OLX Group (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 2a00:f940:2:2... 2a00:f940:2:2:1:1:0:51 | 197695 (AS-REG) (AS-REG) | |
1 | 2a02:6ea0:c70... 2a02:6ea0:c700::11 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
7 | 13.226.145.116 13.226.145.116 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 3.120.69.250 3.120.69.250 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 2a02:6ea0:c70... 2a02:6ea0:c700::2 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
20 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-116.dus51.r.cloudfront.net
static.olx.ua |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-69-250.eu-central-1.compute.amazonaws.com
bootstrap.smartsuppchat.com |
ASN60068 (CDN77 ^_^, GB)
widget-v2.smartsuppcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
olx.ua
static.olx.ua |
140 KB |
7 |
safety-ogloszenia.org
safety-ogloszenia.org |
244 KB |
4 |
smartsuppcdn.com
widget-v2.smartsuppcdn.com |
212 KB |
2 |
smartsuppchat.com
www.smartsuppchat.com bootstrap.smartsuppchat.com |
8 KB |
20 | 4 |
Domain | Requested by | |
---|---|---|
7 | static.olx.ua |
safety-ogloszenia.org
|
7 | safety-ogloszenia.org |
safety-ogloszenia.org
|
4 | widget-v2.smartsuppcdn.com |
www.smartsuppchat.com
|
1 | bootstrap.smartsuppchat.com |
www.smartsuppchat.com
|
1 | www.smartsuppchat.com |
safety-ogloszenia.org
|
20 | 5 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
safety-ogloszenia.org R3 |
2021-07-20 - 2021-10-18 |
3 months | crt.sh |
*.smartsuppchat.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2020-12-02 - 2021-12-30 |
a year | crt.sh |
olx.ua Amazon |
2021-02-16 - 2022-03-17 |
a year | crt.sh |
*.smartsuppcdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2020-11-03 - 2021-12-04 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://safety-ogloszenia.org/cash61541431
Frame ID: 204D3FAF0B32BEA52804B993B1428DF1
Requests: 17 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.ad41bfad.js
Frame ID: 78DFC7F983926DD0AEBEC9A911DED07E
Requests: 3 HTTP requests in this frame
27 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: Dоdaj оgłоszenie
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Aplikacje mоbilne ОLX.pl
Search URL Search Domain Scan URL
Title: Pоmоc
Search URL Search Domain Scan URL
Title: Wyróżniоne оgłоszenia
Search URL Search Domain Scan URL
Title: Blоg
Search URL Search Domain Scan URL
Title: Regulamin
Search URL Search Domain Scan URL
Title: Pоlityka prywatnоści
Search URL Search Domain Scan URL
Title: Reklama
Search URL Search Domain Scan URL
Title: Biurо prasоwe
Search URL Search Domain Scan URL
Title: Jak działa OLX.pl
Search URL Search Domain Scan URL
Title: Zasady bezpieczeństwa
Search URL Search Domain Scan URL
Title: Mapa kategorii
Search URL Search Domain Scan URL
Title: Mapa miejscowości
Search URL Search Domain Scan URL
Title: Popularne wyszukiwania
Search URL Search Domain Scan URL
Title: Kariera
Search URL Search Domain Scan URL
Title: Kody rabatowe
Search URL Search Domain Scan URL
Title: w Google Play Pobierz w Google Play
Search URL Search Domain Scan URL
Title: w AppStore Pobierz w AppStore
Search URL Search Domain Scan URL
Title: w AppGallery Pobierz w AppGallery
Search URL Search Domain Scan URL
Title: OLX.bg
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
cash61541431
safety-ogloszenia.org/ |
856 KB 136 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
30-512%20(1).png
safety-ogloszenia.org/img/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
boxberry.png
safety-ogloszenia.org/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dpd.png
safety-ogloszenia.org/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dhl.jpg
safety-ogloszenia.org/img/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pocta_polska.png
safety-ogloszenia.org/img/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.smartsuppchat.com/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
193.170.141.199
safety-ogloszenia.org/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2f7d515ccf53e427f222999e9e6f453e1c.woff2
static.olx.ua/static/olxua/packed/font/ |
42 KB 42 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2fc9f37e6707acfc0e1255cec57c49a986.svg
static.olx.ua/static/olxua/packed/font/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2fccd2faa9395d5faed1011516c64dc929.svg
static.olx.ua/static/olxua/packed/font/ |
8 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2f601b9bb08d8fa367b5341a761574c88b.svg
static.olx.ua/static/olxua/packed/font/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2ff3db49aa88d9acd64ca43e1265bfd7bb.png
static.olx.ua/static/olxua/packed/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2f5da9077a4fd524bfa4a23e595fc41982.woff2
static.olx.ua/static/olxua/packed/font/ |
42 KB 43 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2f93d984f561637f78d1b86363c029781c.woff2
static.olx.ua/static/olxua/packed/font/ |
42 KB 42 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fc503a2eea39e2fa2346b128626eb82cbbab143e.json
bootstrap.smartsuppchat.com/widget/ |
824 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
asset-manifest.json
widget-v2.smartsuppcdn.com/ |
1 KB 659 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.ad41bfad.js
widget-v2.smartsuppcdn.com/static/js/ Frame 78DF |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.59af7861.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 78DF |
655 KB 185 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e0f31f64.chunk.js
widget-v2.smartsuppcdn.com/static/js/ Frame 78DF |
103 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: OLX Group (E-commerce)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _smartsupp function| smartsupp function| setImmediate function| clearImmediate boolean| SMARTSUPP_LOADED object| $smartsupp2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
safety-ogloszenia.org/ | Name: 0800fc577294c34e0b28ad2839435945 Value: YTU1MjE5YmQwYzhkMjk2YTVjMDRhNDA5NjM3Y2I5ZGU%3D |
|
safety-ogloszenia.org/ | Name: 52c04454754170d9ea4dd76867619c2f Value: 0JPQtdGA0LzQsNC90LjRjywgU2F4b255LCDQpNCw0LvRjNC60LXQvdGI0YLQsNC50L0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bootstrap.smartsuppchat.com
safety-ogloszenia.org
static.olx.ua
widget-v2.smartsuppcdn.com
www.smartsuppchat.com
13.226.145.116
2a00:f940:2:2:1:1:0:51
2a02:6ea0:c700::11
2a02:6ea0:c700::2
3.120.69.250
08e4b16f304ab417ebe4dd4eec583bfde32750a839580d1107a4155c67e70ff7
108448cb6a84a74f2fe4a3df0cb182e6cf9dc43cf21de5c5443d496c20828f85
1db2323b3cfe04d900aa7860b5707f9d986b78a8d8d6ef521133a922520f5aed
2383e4a01c9cea2352a87cbd5c1326a38ec4b493025ddba6eb12d3fa8060edee
2e62838350c8b7b5b035020cbb70a313fab900438934a0a31bef65df744cb0fd
3d2d1cefcb9a492fc0d04a6f10ca26ba35d3cf8610b9badf642caba4b4db92e1
41ca02e3458b9d04dd5e6389fb05eef44f1ad5a4d0db0748223f3d37412abd44
6bff1f97adff914018d79780010c0dd6ca0c322d7d7a9d24a711f2fe838e99c8
9ef6b58dbcb6ec33c83a2e2100a9cde733d6272965c681360cfdfacc49c77dd9
a1b0c4b6f9c00ab5258e2f364ad836c683d739bfeaee769f7294841883c46858
b4bfeb1be6e77a5be771c7f615d36199e05607a8d10e4d188c994a05948bd39e
b664272856b8d3d6e99cf8920e7b3b02aac6b0033cb53dfba9b83679a31861f9
beaa6d71c37e0c2ea539b6223049d4bbfbc6679e0083765577889e5f4c1f7345
dc2b534ec579cf951490b590c11bfe29cb04cf7eeae443cfa218f04a147bafa9
dc51724305ec27522136b466ec23979c57608358da3c356a2d9dabbce6a2efa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bdf200a2c0ca62218da3ee29d5c4cc8eca4eeaa29f6dae116df3822d6bd898
ee852d47edcda5139a1eea74db05add77dbdafd8bc6e9ead2b8cf5a1dfa49ac3
f1316a0f4abb1b37b3cd2c1bda054edcfaa0eebb9dfdf2da3881045dbd4b8b96
ff0eec927b17e861bfe199c7bbd4c4670d36aace537265a15d275b990e530d1d