olx.ro-livrares.space Open in urlscan Pro
2606:4700:3034::6815:22fa  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response olx.ro-livrares.space/	7 KB 2 KB	89ms 53ms	Document text/html	2606:4700:3034::6815:22fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:22fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81484daee0631bc2eeaa085afa6cafb6075c4df9ca040f577f2c04f8257005dc Request headers :method GET :authority olx.ro-livrares.space :scheme https :path /?id=217906868 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 01 Apr 2021 08:46:52 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=da7789cc0e31a6191d5ba02a37804fbb21617266812; expires=Sat, 01-May-21 08:46:52 GMT; path=/; domain=.ro-livrares.space; HttpOnly; SameSite=Lax; Secure vary Accept-Encoding cf-cache-status DYNAMIC cf-request-id 092e363d9a00004e80d1395000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GINPYBWaXJnwwvIXL96tQzvW9ScIi56nEsz5Z3HUt6nQ4YZdGO1WT3f%2FJcpGzuY6bl5TXcFKi7vQ49m7FBbjS9KQtaKQg9u7HJvJcWkCvCQEMPQTGBKsXl6CTgBYP6n6FrU%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 63908ca8f8f64e80-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	index.css olx.ro-livrares.space/css/	7 KB 2 KB	36ms 35ms	Stylesheet text/css	2606:4700:3034::6815:22fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://olx.ro-livrares.space/css/index.css Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:22fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2a8e21aecfb5a270e997002a250b9e8797430c58e52a9a9f6fc9e1e6c7a584c Request headers Referer https://olx.ro-livrares.space/?id=217906868 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 01 Apr 2021 08:46:52 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 16 Feb 2021 23:00:37 GMT server cloudflare etag W/"1c77-5bb7c12168fa8-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dVSCDoHCOIYHrdHIrdh8sEthH9Cvls7hE%2FO9EErWXFTHhFns0Rn1deN80Bw%2FmE7wYPSG7gmo5KfJ7M4zsqbHk2HlPVNXzYCykCMc91VQp3Ol4UGkNvp9Hs2bEfamgYSkLyU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 63908ca959714e80-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 092e363dd500004e80dd20d000000001
GET H2	200	css2 fonts.googleapis.com/	6 KB 784 B	15ms 15ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1aec52c8aaca84acd07baa466963482123150e30db43ddd01b1f75f39f14eca3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://olx.ro-livrares.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 01 Apr 2021 08:03:34 GMT server ESF date Thu, 01 Apr 2021 08:46:52 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 01 Apr 2021 08:46:52 GMT
GET H2	200	check.svg olx.ro-livrares.space/img/	596 B 662 B	36ms 35ms	Image image/svg+xml	2606:4700:3034::6815:22fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ro-livrares.space/img/check.svg Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:22fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b Request headers Referer https://olx.ro-livrares.space/?id=217906868 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 01 Apr 2021 08:46:52 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Feb 2021 23:00:38 GMT server cloudflare etag W/"254-5bb7c122dff79" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qv2TWNS4Axe29yLD2o5mk%2FEsXWFnLdqJVxyYiTBlB%2BkCTuJ%2FwTy1lD1vh74i9RBETKBWBnBSsybcW7L%2BjQznMbolgT23mbiEBxCVvYEsomnNYwKN52Ae0rCR%2BZch1blIkpo%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 63908ca959744e80-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 092e363dd600004e80f819b000000001
GET H2	200	image;s=644x461 frankfurt.apollo.olxcdn.com//v1//files//kla6azi9gh9i-RO//	28 KB 28 KB	132ms 57ms	Image image/webp	13.226.159.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://frankfurt.apollo.olxcdn.com//v1//files//kla6azi9gh9i-RO//image;s=644x461 Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.159.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-159-51.dus51.r.cloudfront.net Software / Resource Hash 1d412869e74ae3e4d9caceaf9c28bf192d1af5db2ddd0eb8437e7a00c8355ff3 Request headers Referer https://olx.ro-livrares.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 30 Mar 2021 22:24:59 GMT via 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront) last-modified Tue, 30 Mar 2021 22:24:59 GMT age 123713 x-trace 7d1ca342-f46e-4555-a7dc-85fc4c093f40 etag "kla6azi9gh9i-RO" access-control-allow-methods GET, OPTIONS content-type image/webp access-control-allow-origin * cache-control public,max-age=604800 x-cache Hit from cloudfront x-amz-cf-pop DUS51-C1 content-length 28400 x-amz-cf-id hC16GyENxAQNLRX3mJShpFxpBJPzi4xibTQuTiwSmjLdDi8aNF0HNA==
GET H2	200	fan-curier.png gsmit.ro/dist/img/	12 KB 12 KB	440ms 374ms	Image image/png	151.101.65.195 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://gsmit.ro/dist/img/fan-curier.png Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7c71fe9bf19cbb0dd836be3d0438696c67b3514ffcf847638bcf093746d176b1 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Referer https://olx.ro-livrares.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31556926 content-encoding gzip last-modified Fri, 19 Apr 2019 09:19:27 GMT x-timer S1617266812.448191,VS0,VE353 etag "53d7d61882edb07ad26b846009e7465d7c31cb53e10f37beb0c4045e73dcf5b0" x-served-by cache-cph20634-CPH vary x-fh-requested-host, accept-encoding x-cache MISS content-type image/png cache-control max-age=8640000 date Thu, 01 Apr 2021 08:46:52 GMT accept-ranges bytes content-length 11844 x-cache-hits 0
GET H2	200	shield.svg olx.ro-livrares.space/img/	1 KB 913 B	35ms 34ms	Image image/svg+xml	2606:4700:3034::6815:22fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://olx.ro-livrares.space/img/shield.svg Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:22fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4 Request headers Referer https://olx.ro-livrares.space/?id=217906868 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 01 Apr 2021 08:46:52 GMT content-encoding br cf-cache-status MISS last-modified Tue, 16 Feb 2021 23:00:40 GMT server cloudflare etag W/"473-5bb7c12420451" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LiCsXBbKuvjl%2FXZXT%2FVgCAGvkt4%2B8yMeC4MYTw0HQ9kQNGYYXlNbnV%2FZLOfsuwJraO0yadQQgjV2NcGkHLojtOcJMyYawO3GAQEGG%2FLmtF9haiZFPQxqKhSPkfDz5svdBqI%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 63908ca959764e80-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 092e363dd600004e809f072000000001
GET H2	200	VISAMasterCard-icons.png www.fearless-flyer.com/_fofunnel/_res_fearlessflyer_com/images/	68 KB 68 KB	189ms 66ms	Image image/png	93.113.111.66 NETCONNEX NetConn...
General Check archive.org Show headers Download Go to Show image Full URL https://www.fearless-flyer.com/_fofunnel/_res_fearlessflyer_com/images/VISAMasterCard-icons.png Requested by Host: olx.ro-livrares.space URL: https://olx.ro-livrares.space/?id=217906868 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 93.113.111.66 , United Kingdom, ASN21396 (NETCONNEX NetConnex Broadband Ltd., GB), Reverse DNS fearless-flyer-com.nh-serv.co.uk Software nginx / Resource Hash 4faa7e261195ab046349e36b606d9edbba655deecd429dc86143c2f6d47528c9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=300; includeSubDomains; preload Request headers Referer https://olx.ro-livrares.space/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 01 Apr 2021 08:46:52 GMT last-modified Sat, 07 Sep 2019 10:49:38 GMT server nginx etag "10fb5-591f44fa7d480" strict-transport-security max-age=300; includeSubDomains; preload content-type image/png content-security-policy upgrade-insecure-requests accept-ranges bytes content-length 69557 x-served-by 162403e58965a004bd9fa58ed4dd2558
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v20/	15 KB 15 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-livrares.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Mar 2021 14:36:54 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:36 GMT server sffe age 583798 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15736 x-xss-protection 0 expires Fri, 25 Mar 2022 14:36:54 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v20/	16 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-livrares.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Mar 2021 18:27:39 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:37 GMT server sffe age 224353 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15872 x-xss-protection 0 expires Tue, 29 Mar 2022 18:27:39 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v20/	15 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-livrares.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 31 Mar 2021 19:52:31 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:19:00 GMT server sffe age 46461 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15816 x-xss-protection 0 expires Thu, 31 Mar 2022 19:52:31 GMT
GET H3-Q050	200	KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 fonts.gstatic.com/s/roboto/v20/	12 KB 12 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c7063e4ddf4fb376fa7af3b9caf9845251f6224dffd38f1a369278c47e4b4ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-livrares.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 31 Mar 2021 21:42:23 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:58 GMT server sffe age 39869 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12060 x-xss-protection 0 expires Thu, 31 Mar 2022 21:42:23 GMT
GET H3-Q050	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v20/	12 KB 12 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://olx.ro-livrares.space Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 31 Mar 2021 18:54:38 GMT x-content-type-options nosniff last-modified Wed, 24 Jul 2019 01:18:37 GMT server sffe age 49934 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12200 x-xss-protection 0 expires Thu, 31 Mar 2022 18:54:38 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ro-livrares.space/	1970-01-19 17:57:38	Name: __cfduid Value: da7789cc0e31a6191d5ba02a37804fbb21617266812

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
frankfurt.apollo.olxcdn.com
gsmit.ro
olx.ro-livrares.space
www.fearless-flyer.com
13.226.159.51
151.101.65.195
2606:4700:3034::6815:22fa
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
93.113.111.66
1aec52c8aaca84acd07baa466963482123150e30db43ddd01b1f75f39f14eca3
1d412869e74ae3e4d9caceaf9c28bf192d1af5db2ddd0eb8437e7a00c8355ff3
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51
4faa7e261195ab046349e36b606d9edbba655deecd429dc86143c2f6d47528c9
7c71fe9bf19cbb0dd836be3d0438696c67b3514ffcf847638bcf093746d176b1
81484daee0631bc2eeaa085afa6cafb6075c4df9ca040f577f2c04f8257005dc
8ed066d662f33b2d1d2783ecc3a200ef968150399d7f37ba5d5ca69af4a8a2b4
9c7063e4ddf4fb376fa7af3b9caf9845251f6224dffd38f1a369278c47e4b4ec
b2a8e21aecfb5a270e997002a250b9e8797430c58e52a9a9f6fc9e1e6c7a584c
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
e5a1db45adfbd6352e52442c1adef427cad4d1b313ba39025f6dd5f73d524d2b