olx-ro.fpclothing.shop
2606:4700:3031::6815:3b43  Malicious Activity! Public Scan

URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Submission: On September 22 via manual from RO — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3031::6815:3b43, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is olx-ro.fpclothing.shop.
TLS certificate: Issued by WE1 on September 19th 2024. Valid for: 3 months.
This is the only time olx-ro.fpclothing.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OLX Group (E-commerce)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 15 | 2606:4700:303... | 13335 (CLOUDFLAR...) |
| 2 | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 1 | 143.204.98.99 | 16509 (AMAZON-02) |
| 8 | 2a00:1450:400... | 15169 (GOOGLE) |
| 27 | 5 | |

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 15 | fpclothing.shop | olx-ro.fpclothing.shop | 193 KB |
| 8 | gstatic.com | fonts.gstatic.com | 118 KB |
| 3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 32); ajax.googleapis.com (Cisco Umbrella Rank: 405) | 32 KB |
| 1 | olxcdn.com | frankfurt.apollo.olxcdn.com (Cisco Umbrella Rank: 157501) | 47 KB |
| 27 | 4 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 15 | olx-ro.fpclothing.shop | olx-ro.fpclothing.shop |
| 8 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | fonts.googleapis.com | olx-ro.fpclothing.shop |
| 1 | frankfurt.apollo.olxcdn.com | olx-ro.fpclothing.shop |
| 1 | ajax.googleapis.com | olx-ro.fpclothing.shop |
| 27 | 5 | |

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| fpclothing.shop | WE1 | 2024-09-19 - 2024-12-18 | 3 months |
| upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months |
| apollo.olxcdn.com | Amazon RSA 2048 M03 | 2023-11-19 - 2024-12-17 | a year |
| *.gstatic.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months |

This page contains 1 frame:

Primary Page: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Frame ID: 59B882B35C435D96A04D6582C87CE0BD
Requests: 27 HTTP requests in this frame

Page Title

Serviciu de reclame OLX: site de anunțuri în România - produse noi și uzate pe OLX.ro

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 80 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 391 kB
Size: 705 kB
Cookies: 1

27 HTTP transactions

Resource / Path, Size / x-fer, Type / MIME-Type
Primary Request 14DU51UH70W16
olx-ro.fpclothing.shop/get/
98 KB
13 KB
Document
General
Full URL
https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a637ef582d667cb829313403a43efa9e06bd10a0ac217aee3819e8e4967066b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8c744b9efcb818cf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 22 Sep 2024 18:18:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKDZxkPhtd1xVp1oIFylrnITmgWRfYnfjBd8Cdkhidt47ZE5gu8ifADSRODkeujmE02fLQtKrSUsxiblvxiXMVqmXY9w5VRnAHWm9GgUgACnQTpExEHzk58CGrR9q8K57hIwYf2h523nL1TI9OIWYgmh5nvD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
speculation
olx-ro.fpclothing.shop/cdn-cgi/
128 B
567 B
Other
General
Full URL
https://olx-ro.fpclothing.shop/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6khhWap%2BW%2BNZr7wb9wdW2BVyYOn74HULXYCiCwF%2BUP7JJr41k%2FiwgJeC5PecgxpbFNrNuX87bQaKmtNUWHaQnQExPQNFienEPNT1s5yWVsvR%2FVB8B8JjVO0IfEW%2B9SezkZfKfMiJsP0gwTO9W5r3mzITSKB"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8a82418cf-FRA
access-control-allow-origin
https://olx-ro.fpclothing.shop
content-length
128
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
newstyle20.css
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/
63 KB
14 KB
Stylesheet
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/newstyle20.css
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e710db09cb0952ab7f21bee3a495f0b9593d094612f40c882b6ffad55902697

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"66b33c9b-fc85"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESjmVUpjGsqUC%2BGW9h4EEC90TZArN7nfpm3SeiTGA1gsSx%2BKuoq4Wam%2FQRQAwaM3utnRcoh0o1Kq2IgdtqQ5fYEWHtu%2FxWKvsoPTJlkbuxpU50IFfQoiLZgFF1JV0VNx2jBnv9dQzGrhYsYmdkxKZueT57JB"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8a82a18cf-FRA
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
text/css
last-modified
Wed, 07 Aug 2024 09:21:31 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
2 KB
981 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Sep 2024 18:18:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 22 Sep 2024 16:46:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
operator-img.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/gen/
123 KB
123 KB
Image
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/gen/operator-img.png
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c51-1ea0a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6q4%2B7zU%2Bn9WGQnGXdofLMSw4DBV0ix8Yj1%2BCfExlLkN0yFIc1dmuwLFrjvwtgfA9zmcg7YhxnxoU%2BcmzuwlhKPu0eXu4ZLXgyYgtTDxWAXOGmtjhQXpr5IC5rrZY29HWPpKYRTbYO4jDkW7ugTCGqXjjZxRD"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8a82b18cf-FRA
accept-ranges
bytes
content-length
125450
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:20:17 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/

Response headers

content-encoding
gzip
age
93240
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 16:24:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Sep 2024 16:24:08 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30089
x-xss-protection
0
server
sffe
image
frankfurt.apollo.olxcdn.com/v1/files/wfh1jeo5t36m2-RO/
47 KB
47 KB
Image
General
Full URL
https://frankfurt.apollo.olxcdn.com/v1/files/wfh1jeo5t36m2-RO/image
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-99.fra50.r.cloudfront.net
Software
/
Resource Hash
44bf1b245743b998590e850c7c651c00336030936f04b073123a23dc61f36a2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/

Response headers

x-trace
68394d42-30c5-4a49-b892-6adad003f990
cache-control
public,max-age=604800
etag
"wfh1jeo5t36m2-RO"
access-control-allow-methods
GET, OPTIONS
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
47890
x-amz-cf-id
EIAou1IBaK33mKVzzk3Z_FnKvOUD7dIKo5KNNjXufvcyIkoPaaxwMA==
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/webp
last-modified
Sun, 22 Sep 2024 18:18:08 GMT
x-amz-cf-pop
FRA50-C1
favicon.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/
2 KB
2 KB
Image
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/favicon.png
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecb7420c45104c5623535e20888929f028fc512254a6de64140114ad35c0cc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c9b-78f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNpxTJHsIsl1O7cj5oyt%2F7XPiZKwd71W6keIa6jq6YMFdORMXfvFbj9kJ96%2BQ0heFmgHlGfdDg2TTrYLMfPxGieeiL5Zjkl5OVHXizKnGrznYJRkQJ%2B7qb%2FfmN6oMsU6BVUBs4PAvHPCMsp1K5i1Vbs4DJvS"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8e89318cf-FRA
accept-ranges
bytes
content-length
1935
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:21:31 GMT
vary
Accept-Encoding
server
cloudflare
FanCourier.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/
932 B
1 KB
Image
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/FanCourier.png
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e8f1b33a34787a007de618c5548a41016dc00addec977ff8465d84243c5e38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c9b-3a4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EcD9zY4UdMS4Xu2ZHGw2mQdXuDXgTtUtoORzPXV1ignj%2FDMV4tEQd%2BSDXUppdkkc3GJoAG634TASqCVCd2vheIKxaBnKrB5WVmYiXflIanibIGTNMCO%2BuCrgPMrloHsRbST3fQt8Q7uMx11oncXCdGaUceN"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8e89518cf-FRA
accept-ranges
bytes
content-length
932
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:21:31 GMT
vary
Accept-Encoding
server
cloudflare
posta-romana.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/
1 KB
2 KB
Image
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/posta-romana.png
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd6f2c26efa1e24d51d4503165385f1c142791833bfd8da5f197976c74803e08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c9b-4ba"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8gjSVtIRqjveY2Nlgkgy%2FNpiPwuncmzidxGd9s6OvzONlPStlaIEDvSsBGGeJqkBMwI39aNBV6JOCIIjOWADWtvDtKTvW5m8sUqeS%2FYxQOAasCXv9aBexjLpSFpOZdTybsrvlj%2BzkR9w%2FSgdJVIFLC14GSsT"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8e89618cf-FRA
accept-ranges
bytes
content-length
1210
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:21:31 GMT
vary
Accept-Encoding
server
cloudflare
shield.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/
19 KB
19 KB
Image
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/shield.png
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
346cea66290a1fb37a31af8aa774df1d40d915ef40d7127bafa5b0670c44052b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c9b-4ac7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Th%2BjLrxjNJABE8RTBTmiI85WsDKnAGTKfOePO7QFURjDtLpyJkZw%2F8XwG%2FIxA4q6ENlx4WyvbUtydAiXImS%2Fw1Lj8exQb0PwbIWPorUG9rtewTW%2B%2F2nkdh8D1SoLeOUiSBCAA3VOr2JyDQwLlZs%2FmkZrMKrM"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8e89918cf-FRA
accept-ranges
bytes
content-length
19143
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:21:31 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
7 KB
814 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/newstyle20.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Sep 2024 18:18:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 22 Sep 2024 18:11:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a117249cdc1f7687bab98dc2cacdebd9a56553cf2c87ca8d41245cd12a3321a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
105717
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 12:56:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Sep 2024 12:56:11 GMT
last-modified
Wed, 13 Sep 2023 22:44:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14964
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
160518
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 21:42:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 21:42:50 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw3aXpsog.woff2
fonts.gstatic.com/s/montserrat/v26/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw3aXpsog.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4e9daa32c093e2f4cc57b6941dcc3dd4be4b6fd8dcb54be1772534d2207c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
118204
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 09:28:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Sep 2024 09:28:04 GMT
last-modified
Wed, 13 Sep 2023 22:42:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13328
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
158771
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 22:11:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 22:11:57 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
109630
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 11:50:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 21 Sep 2024 11:50:58 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e8f8a1d4f1a37245c6b7acbaa44a6c04975d1e21b038f7128be586482ffe4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
453275
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 12:23:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 12:23:33 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12280
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
164131
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 20:42:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 20:42:37 GMT
last-modified
Thu, 01 Aug 2024 20:41:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12456
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://olx-ro.fpclothing.shop
Referer
https://fonts.googleapis.com/

Response headers

age
455772
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 11:41:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 11:41:56 GMT
last-modified
Thu, 01 Aug 2024 20:41:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
12304
x-xss-protection
0
server
sffe
ajax
olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/
2 B
495 B
XHR
General
Full URL
https://olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/ajax
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsRT2pEgnoSa9UFZJRU5PqYisIheXc6tejJ0RWZtNqzd%2FNIavB0ijAe7CUzFOxAkaqWO6WTElIfAxDINahxzxZ9%2FTZO%2FFXHM45GqM395%2BFsiq292IQr3THRI%2F5qejbUvUpFWTQfj08mU1EzebXP1XnRY0xS%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bbb4b3d18cf-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
alert.mp3
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/gen/
14 KB
15 KB
Media
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/gen/alert.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a18bd97abbc747b6a928313fcfff5c253a4164ed768724912ac140edcb332c2

Request headers

Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"66b33c51-39f4"
age
983
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxJ0V7TM1fUjicL0myEOxGHMBAq5IFL1IOkS1gFLr7kEqEEUU3fvb5GIQvn%2B40m8193Vkr%2F6AH29jdP6NrFcE2LqgwOYKZTw7l4ULiKv%2F6asQ8Rb86%2BhAUAxyZpec1Vc3CIraZ0a8GSXpHma7NIbwQLXOesK"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-14835/14836
cf-ray
8c744bbb5b4018cf-FRA
Content-Length
14836
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
audio/mpeg
last-modified
Wed, 07 Aug 2024 09:20:17 GMT
vary
Accept-Encoding
server
cloudflare
favicon.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/
2 KB
0
Other
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/services/olx/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecb7420c45104c5623535e20888929f028fc512254a6de64140114ad35c0cc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c9b-78f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNpxTJHsIsl1O7cj5oyt%2F7XPiZKwd71W6keIa6jq6YMFdORMXfvFbj9kJ96%2BQ0heFmgHlGfdDg2TTrYLMfPxGieeiL5Zjkl5OVHXizKnGrznYJRkQJ%2B7qb%2FfmN6oMsU6BVUBs4PAvHPCMsp1K5i1Vbs4DJvS"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8e89318cf-FRA
accept-ranges
bytes
content-length
1935
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:21:31 GMT
vary
Accept-Encoding
server
cloudflare
ajax
olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/
1 KB
1 KB
XHR
General
Full URL
https://olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/ajax
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80387a4f11fbff4e57bdc34874a78a6b0f78e4b0e3c00c4de379233aa5e50c54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkpJqmgnNwEzm4JjZQJ6N6VXFgUE24WduRtrs%2F73l2XbqhxFwnQr%2BOZQKIOIPSbeNpnyZZdz2VQDPnROP68YyR5wEDM6dY%2FnQ%2FfKdikIuYLJgzwzDGOSdjRsDGR1twLfcPxTBwW1QG1LBZuhuDloS%2FZGLEpe"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bd44c7018cf-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Sun, 22 Sep 2024 18:18:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
ajax
olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/
2 B
505 B
XHR
General
Full URL
https://olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/ajax
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FU1OiVnqkRCZaJqTtCQ8IU7ldYeaPoaAAcwfgvXlqjp41cCd3DrhpVdhuB1vFUrHIdLqqC4x7TMO3Y8oM%2F4GNIp2j0pUzlkmIKQeaMTiaWt40WkYrXdvhX5ANAPb8wyR75TXPQAoqlGhAMpJbu6YSXc5yraM"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bd7991c18cf-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Sep 2024 18:18:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
operator-img.png
olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/gen/
123 KB
0
Image
General
Full URL
https://olx-ro.fpclothing.shop/6y5vscqf/kg51x/343fdldg/gen/operator-img.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad959dc0c70ef9d40126cefdcc3ad6aaba451078b3533a4204aff83e1de81f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"66b33c51-1ea0a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6q4%2B7zU%2Bn9WGQnGXdofLMSw4DBV0ix8Yj1%2BCfExlLkN0yFIc1dmuwLFrjvwtgfA9zmcg7YhxnxoU%2BcmzuwlhKPu0eXu4ZLXgyYgtTDxWAXOGmtjhQXpr5IC5rrZY29HWPpKYRTbYO4jDkW7ugTCGqXjjZxRD"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bb8a82b18cf-FRA
accept-ranges
bytes
content-length
125450
date
Sun, 22 Sep 2024 18:18:08 GMT
content-type
image/png
last-modified
Wed, 07 Aug 2024 09:20:17 GMT
vary
Accept-Encoding
server
cloudflare
ajax
olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/
1 KB
1 KB
XHR
General
Full URL
https://olx-ro.fpclothing.shop/ix9fjnak93/0w2gsb/251/ajax
Requested by
Host: olx-ro.fpclothing.shop
URL: https://olx-ro.fpclothing.shop/get/14DU51UH70W16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3b43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://olx-ro.fpclothing.shop/get/14DU51UH70W16

Response headers

cache-control
no-store, no-cache, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zquA6f4paJoqmV1e40UXy0p0eBYlVw6%2FbRlst13HvEdYBaXcmFXV%2FDybsOsOJiLGjcFdzf%2F6bYOJfFB12vN5dZKNmu9XlbakJone8XL8IciaAk0B5XRaA5CzLmpEWniQtoibKH5W1FTu3ODj9w27OBvu28y9"}],"group":"cf-nel","max_age":604800}
cf-ray
8c744bed5dcb18cf-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Sun, 22 Sep 2024 18:18:16 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OLX Group (E-commerce)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | $
function | jQuery
function | ajaxsup
function | sendmsg
function | openwrite
function | changeInput
function | setWindowVisibility
function | fullscreen
function | soundAlert
function | startAjax
string | defSelected
function | select_deliv
string | content_operators

1 Cookies

Domain/Path Name / Value
olx-ro.fpclothing.shop/ Name: PHPSESSID
Value: 84e9c799163ebcaeda70b3b0d6520169

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
