olx.ro-confirmare.space Open in urlscan Pro
2606:4700:3033::ac43:cbea  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response olx.ro-confirmare.space/	7 KB 2 KB	89ms 57ms	Document text/html	2606:4700:3033::ac43:cbea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cbea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65d49cd31ab16a4d0c9e2420c7432a834dedddcf39af97da1b9ed26e10e3fd16 Request headers :method GET :authority olx.ro-confirmare.space :scheme https :path /?id=218692460 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:41:31 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d4070e3c4cdb6f11ba9dd8e0b0b6fa9c81618321291; expires=Thu, 13-May-21 13:41:31 GMT; path=/; domain=.ro-confirmare.space; HttpOnly; SameSite=Lax; Secure vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 096d10525f00000609dd112000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ba11F7AjAo5j9B6Dkzw%2FPVX0XjidApmKgpFM1V5b7V6VTzZnOE07knYvEI0bANoWGZl%2BW%2F0A2467MkOGA%2FdyCVQNB1jyOx%2FsU6WerS0tlgsTXuVWbDf6Wmmg%2FGVc886QkK%2BPvw%3D%3D"}],"max_age":604800} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 63f51cca3d440609-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	index.css olx.ro-confirmare.space/css/	7 KB 2 KB	37ms 37ms	Stylesheet text/css	2606:4700:3033::ac43:cbea CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://olx.ro-confirmare.space/css/index.css Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cbea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2a8e21aecfb5a270e997002a250b9e8797430c58e52a9a9f6fc9e1e6c7a584c Request headers Referer https://olx.ro-confirmare.space/?id=218692460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:41:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Feb 2021 23:00:37 GMT server cloudflare etag W/"1c77-5bb7c12168fa8-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ydl%2BdUxKcS3XS%2FWdeQl13QUFr%2F8W853DePkNKzM5UTHEP2YSqYaYYjFOf7Lx6PNgMtxVB6VhCzbMaAePRm54BUYReXIu5nzYPm6yOMzh9fdM6NfI3xKcJx%2BOZplyJDR1QtMQug%3D%3D"}],"max_age":604800} content-type text/css cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 63f51cca9e830609-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 096d10529f00000609edbea000000001
GET H2	200	css2 fonts.googleapis.com/	6 KB 788 B	16ms 14ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://olx.ro-confirmare.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 13 Apr 2021 13:19:07 GMT server ESF date Tue, 13 Apr 2021 13:41:31 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 13 Apr 2021 13:41:31 GMT
GET H2	200	check.svg olx.ro-confirmare.space/img/	596 B 678 B	37ms 36ms	Image image/svg+xml	2606:4700:3033::ac43:cbea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ro-confirmare.space/img/check.svg Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cbea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b Request headers Referer https://olx.ro-confirmare.space/?id=218692460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:41:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Feb 2021 23:00:38 GMT server cloudflare etag W/"254-5bb7c122dff79" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MtsLz37QD%2Be8V0Xqu9aYJcvrfHcifWoaJTwdubjtJz13Cz8mwe4EsuwiQO7iKz%2BARP5M0ADGSZRWKRRJITH0RiAeXh7ygNcSZdK9VrQnNc6h%2FUV3%2Fc3FFe1E0%2FVJHbpzku8c8w%3D%3D"}],"max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 63f51cca9e850609-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 096d1052a00000060905397000000001
GET H2	200	image;s=644x461 frankfurt.apollo.olxcdn.com//v1//files//7qgaf98d2urh2-RO//	11 KB 11 KB	277ms 203ms	Image image/webp	13.226.155.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://frankfurt.apollo.olxcdn.com//v1//files//7qgaf98d2urh2-RO//image;s=644x461 Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.155.50 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-155-50.dus51.r.cloudfront.net Software / Resource Hash 932c8029dd4d6459b90c57f1bf3dc46c6bde1a83cb90937fbc9d357e7717e95e Request headers Referer https://olx.ro-confirmare.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:41:32 GMT via 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront) last-modified Tue, 13 Apr 2021 13:41:32 GMT x-amz-cf-pop DUS51-C1 x-trace 0ae9bef7-7cf5-40ac-ae63-7e8b6d6c8574 etag "7qgaf98d2urh2-RO" access-control-allow-methods GET, OPTIONS content-type image/webp access-control-allow-origin * cache-control public,max-age=604800 x-cache Miss from cloudfront content-length 11250 x-amz-cf-id 8JzdLI2Cjpk5kueXT2YR82yMHBMLfx_Z3gGyHb6ThRga7Zo5Hibj7A==
GET H2	200	fan-curier.png gsmit.ro/dist/img/	12 KB 12 KB	88ms 19ms	Image image/png	151.101.65.195 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://gsmit.ro/dist/img/fan-curier.png Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7c71fe9bf19cbb0dd836be3d0438696c67b3514ffcf847638bcf093746d176b1 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Referer https://olx.ro-confirmare.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31556926 content-encoding gzip last-modified Fri, 19 Apr 2019 09:19:27 GMT x-timer S1618321292.010492,VS0,VE1 etag "53d7d61882edb07ad26b846009e7465d7c31cb53e10f37beb0c4045e73dcf5b0" x-served-by cache-cph20631-CPH vary x-fh-requested-host, accept-encoding x-cache HIT content-type image/png cache-control max-age=8640000 date Tue, 13 Apr 2021 13:41:32 GMT accept-ranges bytes content-length 11844 x-cache-hits 1
GET H2	200	shield.svg olx.ro-confirmare.space/img/	1 KB 894 B	37ms 36ms	Image image/svg+xml	2606:4700:3033::ac43:cbea CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ro-confirmare.space/img/shield.svg Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:cbea , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4 Request headers Referer https://olx.ro-confirmare.space/?id=218692460 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:41:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Feb 2021 23:00:40 GMT server cloudflare etag W/"473-5bb7c12420451" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KhDdZB5A3komA9XAEUoTFtCEjcYtA7PZ8g46hfnFDWWwx1p0Hi2MmhUigB%2B51JTHdIK7pVMWsTSREhAl%2BImznHw9hpD2Pqk4CT4lCIZkirq9qqevRUB4i1NNRSrBSCf6hxyTYg%3D%3D"}],"max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 63f51cca9e870609-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 096d1052a000000609db186000000001
GET H2	200	VISAMasterCard-icons.png www.fearless-flyer.com/_fofunnel/_res_fearlessflyer_com/images/	68 KB 68 KB	238ms 67ms	Image image/png	93.113.111.66 NETCONNEX NetConn...
General Check archive.org Show headers Download Go to Show image Full URL https://www.fearless-flyer.com/_fofunnel/_res_fearlessflyer_com/images/VISAMasterCard-icons.png Requested by Host: olx.ro-confirmare.space URL: https://olx.ro-confirmare.space/?id=218692460 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 93.113.111.66 , United Kingdom, ASN21396 (NETCONNEX NetConnex Broadband Ltd., GB), Reverse DNS fearless-flyer-com.nh-serv.co.uk Software nginx / Resource Hash 4faa7e261195ab046349e36b606d9edbba655deecd429dc86143c2f6d47528c9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers Referer https://olx.ro-confirmare.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 13:41:32 GMT last-modified Sat, 07 Sep 2019 10:49:38 GMT server nginx etag "10fb5-591f44fa7d480" strict-transport-security max-age=300; includeSubDomains; preload content-type image/png content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 69557 x-served-by 162403e58965a004bd9fa58ed4dd2558
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-confirmare.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 12 Apr 2021 21:15:20 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe age 59171 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 expires Tue, 12 Apr 2022 21:15:20 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-confirmare.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 06 Apr 2021 19:15:25 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:39 GMT server sffe age 584766 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 expires Wed, 06 Apr 2022 19:15:25 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-confirmare.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 12 Apr 2021 21:15:49 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:46 GMT server sffe age 59142 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 expires Tue, 12 Apr 2022 21:15:49 GMT
GET H3-Q050	200	KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 fonts.gstatic.com/s/roboto/v27/	11 KB 12 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-confirmare.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 12 Apr 2021 21:17:20 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:42 GMT server sffe age 59051 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11768 x-xss-protection 0 expires Tue, 12 Apr 2022 21:17:20 GMT
GET H3-Q050	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v27/	12 KB 12 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-confirmare.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 12 Apr 2021 21:17:20 GMT x-content-type-options nosniff last-modified Mon, 05 Apr 2021 21:10:33 GMT server sffe age 59051 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11860 x-xss-protection 0 expires Tue, 12 Apr 2022 21:17:20 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ro-confirmare.space/	1970-01-19 18:15:13	Name: __cfduid Value: d4070e3c4cdb6f11ba9dd8e0b0b6fa9c81618321291

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
frankfurt.apollo.olxcdn.com
gsmit.ro
olx.ro-confirmare.space
www.fearless-flyer.com
13.226.155.50
151.101.65.195
2606:4700:3033::ac43:cbea
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2003
93.113.111.66
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4faa7e261195ab046349e36b606d9edbba655deecd429dc86143c2f6d47528c9
65d49cd31ab16a4d0c9e2420c7432a834dedddcf39af97da1b9ed26e10e3fd16
7c71fe9bf19cbb0dd836be3d0438696c67b3514ffcf847638bcf093746d176b1
8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4
932c8029dd4d6459b90c57f1bf3dc46c6bde1a83cb90937fbc9d357e7717e95e
b2a8e21aecfb5a270e997002a250b9e8797430c58e52a9a9f6fc9e1e6c7a584c
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57
e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b