24-ro-friocard.o-dom2.com Open in urlscan Pro
2606:4700:3030::ac43:da3e  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 24-ro-friocard.o-dom2.com/	138 KB 47 KB	1750ms 581ms	Document text/html	2606:4700:3030::ac43:da3e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://24-ro-friocard.o-dom2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:da3e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a631b0d20882c7a45e452c78bcbdff1bba658c6368412bdafaeaf21565c132 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 867743ac3afa8c33-EWR content-encoding br content-type text/html; charset=utf-8 date Wed, 20 Mar 2024 17:01:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqE%2B1RwsoNlNkffKfc9R1RbjZAVwC275UaVdfbMH08%2Bt9YeZprGIgxAdJzxVcQI%2Fp%2BuPDzEbvoE8Z2Lz4ZjCKIpuidsmPbfQAjsVyCOJVTnt9xQwl1n0I4WUlRKJFQN8SxGCt1yFxFuawZ7f9kuzvfTwEvy4TRSt"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing total; dur=70.273577; desc="Total Response Time" strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-xss-protection 1; mode=block
GET H2	200	style.min.css evrhst-a.akamaihd.net/16699/css/	18 KB 5 KB	1073ms 702ms	Stylesheet text/css	2600:141b:b000::1737:ebca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://evrhst-a.akamaihd.net/16699/css/style.min.css Requested by Host: 24-ro-friocard.o-dom2.com URL: https://24-ro-friocard.o-dom2.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:b000::1737:ebca Newark, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e6a32e51882f5407309707e31fcbae997cc403c5288628ed8dff9a78d098bb67 Request headers accept-language en-US,en;q=0.9 Referer https://24-ro-friocard.o-dom2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-container-storage-policy-name Policy-0 date Wed, 20 Mar 2024 17:01:29 GMT content-encoding gzip last-modified Wed, 26 May 2021 07:16:14 GMT etag "ba57dbfc88380de8152d9015ffe8f8ef" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control x-timestamp 1622013373.37055 cache-control public, max-age=31535951 x-container-storage-policy-index 0 accept-ranges bytes x-trans-id 16828c91bcaf3d51 content-length 4232
GET H2	200	avatar.png evrhst-a.akamaihd.net/16699/images/	27 KB 27 KB	1442ms 1072ms	Image image/png	2600:141b:b000::1737:ebca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://evrhst-a.akamaihd.net/16699/images/avatar.png Requested by Host: 24-ro-friocard.o-dom2.com URL: https://24-ro-friocard.o-dom2.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:b000::1737:ebca Newark, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 0ffc0546444e55d409bbddc620a0d4a4a129f4c9f4fd817d9f7dc36cc83b5b1c Request headers accept-language en-US,en;q=0.9 Referer https://24-ro-friocard.o-dom2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-container-storage-policy-name Policy-0 date Wed, 20 Mar 2024 17:01:30 GMT last-modified Wed, 26 May 2021 07:16:14 GMT etag "93da94c112ea052fb85a588066183232" content-type image/png access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control x-timestamp 1622013373.37055 cache-control public, max-age=31536000 x-container-storage-policy-index 0 accept-ranges bytes content-length 27298 x-trans-id 16828c91bcaf3d51
GET H2	200	index.js Show response evrhst-a.akamaihd.net/16699/	43 KB 11 KB	1423ms 1422ms	Script application/javascript	2600:141b:b000::1737:ebca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://evrhst-a.akamaihd.net/16699/index.js Requested by Host: 24-ro-friocard.o-dom2.com URL: https://24-ro-friocard.o-dom2.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:b000::1737:ebca Newark, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 10960729f27388deb79cdd7362f95fda35d4fad6c0f4fd87d83de0644d769c05 Request headers accept-language en-US,en;q=0.9 Referer https://24-ro-friocard.o-dom2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-container-storage-policy-name Policy-0 date Wed, 20 Mar 2024 17:01:30 GMT content-encoding gzip last-modified Wed, 26 May 2021 07:16:14 GMT etag "c298c6cfe39ebec4dbb751accf842548" vary Accept-Encoding content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control x-timestamp 1622013373.37055 cache-control public, max-age=31536000 x-container-storage-policy-index 0 accept-ranges bytes x-trans-id 16828c91bcaf3d51 content-length 10351
GET H2	200	0091.jpg evrhst-a.akamaihd.net/16699/images/	37 KB 38 KB	600ms 600ms	Image image/jpeg	2600:141b:b000::1737:ebca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://evrhst-a.akamaihd.net/16699/images/0091.jpg Requested by Host: evrhst-a.akamaihd.net URL: https://evrhst-a.akamaihd.net/16699/css/style.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:b000::1737:ebca Newark, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 516a000096c704bd5c2d7a6a0a1a6a42ab6f6c25497bd0f00ff57ecdb0614c02 Request headers accept-language en-US,en;q=0.9 Referer https://evrhst-a.akamaihd.net/16699/css/style.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-container-storage-policy-name Policy-0 date Wed, 20 Mar 2024 17:01:30 GMT last-modified Wed, 26 May 2021 07:16:14 GMT etag "7a2dacbb78937bf88eca2da2bd8c9c64" content-type image/jpeg access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control x-timestamp 1622013373.37055 cache-control public, max-age=31536000 x-container-storage-policy-index 0 accept-ranges bytes content-length 37990 x-trans-id 16828c91bcaf3d51
GET H2	200	avatar.png evrhst-a.akamaihd.net/16699/images/	27 KB 27 KB	115ms 115ms	Image image/png	2600:141b:b000::1737:ebca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://evrhst-a.akamaihd.net/16699/images/avatar.png Requested by Host: evrhst-a.akamaihd.net URL: https://evrhst-a.akamaihd.net/16699/css/style.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:b000::1737:ebca Newark, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 0ffc0546444e55d409bbddc620a0d4a4a129f4c9f4fd817d9f7dc36cc83b5b1c Request headers accept-language en-US,en;q=0.9 Referer https://evrhst-a.akamaihd.net/16699/css/style.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-container-storage-policy-name Policy-0 date Wed, 20 Mar 2024 17:01:31 GMT last-modified Wed, 26 May 2021 07:16:14 GMT etag "93da94c112ea052fb85a588066183232" content-type image/png access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Cache-Control x-timestamp 1622013373.37055 cache-control public, max-age=31535999 x-container-storage-policy-index 0 accept-ranges bytes content-length 27298 x-trans-id 16828c91bcaf3d51
GET H2	200	popup.js Show response 24-ro-friocard.o-dom2.com/	149 KB 55 KB	749ms 748ms	Script application/javascript	2606:4700:3030::ac43:da3e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://24-ro-friocard.o-dom2.com/popup.js?language=ro Requested by Host: 24-ro-friocard.o-dom2.com URL: https://24-ro-friocard.o-dom2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:da3e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 924402a140018b46dd391ff23519afec7f4d1c16369553e7dc12f1739cdf1f57 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://24-ro-friocard.o-dom2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 20 Mar 2024 17:01:34 GMT strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br x-dns-prefetch-control off server-timing total; dur=3.28096; desc="Total Response Time" alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare etag W/"2545b-qln3778UZpV75HYin1Ff+3wYkd0" x-download-options noopen vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxheurPW1LICvtD%2F5YCkbU%2F3FKgMLm6wbCxtt5Z4wljklZSEeY0Ob2colBWtkMd9NeLdn2nhRw%2BD%2FB1dbVsW0kCZ5LvoRmyHahVT6h0pBS4WxfCf6TA21WQFfwLe4T8cCpUeY%2B%2BdHwkYEfd9Hb33nWTscV0fgwFa"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 867743ce09508c33-EWR

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| countryCodeMasString string| language string| dir string| cdn_path string| country_code string| campaign_country_code string| smart_form_call_timings string| codeCorrect string| codeEmpty string| codeInvalid object| country_code_mas string| additional_phone_placeholder function| $ function| jQuery function| initClick object| prices string| url function| Typed function| SmoothScroll object| transit_fb_id object| landing_fb_id object| thankyou_fb_id

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: news_domain Value: everinform.com
			24-ro-friocard.o-dom2.com/	1970-01-21 04:01:30	Name: visited Value: e%3A9a750decf4ff9d7207fe8ccf0bf99d9281502436371c2a56dfee7078b3f96cd7
			24-ro-friocard.o-dom2.com/	1970-01-21 04:51:54	Name: anonymous_id Value: 13ee2077-06cc-4d5b-b0e7-b53ad038460c
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: has_blacklist_validation Value: true
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: lang Value: ro
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: user_country_code Value: US
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: is_duplicate_restricted Value: false
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: is_namephone_validated Value: true
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: popup_customers_enabled Value: true
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: popup_mouseout_enabled Value: true
			24-ro-friocard.o-dom2.com/	1969-12-31 23:59:59	Name: popup_callback_enabled Value: true

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24-ro-friocard.o-dom2.com
evrhst-a.akamaihd.net
2600:141b:b000::1737:ebca
2606:4700:3030::ac43:da3e
0ffc0546444e55d409bbddc620a0d4a4a129f4c9f4fd817d9f7dc36cc83b5b1c
10960729f27388deb79cdd7362f95fda35d4fad6c0f4fd87d83de0644d769c05
516a000096c704bd5c2d7a6a0a1a6a42ab6f6c25497bd0f00ff57ecdb0614c02
79a631b0d20882c7a45e452c78bcbdff1bba658c6368412bdafaeaf21565c132
924402a140018b46dd391ff23519afec7f4d1c16369553e7dc12f1739cdf1f57
e6a32e51882f5407309707e31fcbae997cc403c5288628ed8dff9a78d098bb67