carti.zguduireaadventismului.ro Open in urlscan Pro
89.40.16.195 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thelibrary.ro/go/
Effective URL:
https://carti.zguduireaadventismului.ro/intesa/
Submission: On October 03 via automatic, source openphish (October 3rd 2022, 1:11:39 am UTC) — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 24 HTTP transactions. The main IP is 89.40.16.195, located in Romania and belongs to GTS-BACKBONE GTS Telecom, RO. The main domain is carti.zguduireaadventismului.ro.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 10th 2022. Valid for: 3 months.

This is the only time carti.zguduireaadventismului.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Intesa Sanpaolo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	93.115.53.85 93.115.53.85	205275 (ROMARG HO...) (ROMARG HOSTING)
12	89.40.16.195 89.40.16.195	5606 (GTS-BACKB...) (GTS-BACKBONE GTS Telecom)
1 2	2606:4700:20:... 2606:4700:20::681a:85b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	193.41.198.216 193.41.198.216	20942 (ISP-ASN2) (ISP-ASN2)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
24	8

1 93.115.53.85 (Romania) 1 redirects

ASN205275 (ROMARG HOSTING, RO)
PTR: host.nextserver.ro

www.thelibrary.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 89.40.16.195 (Romania)

ASN5606 (GTS-BACKBONE GTS Telecom, RO)
PTR: server.fii.digital

carti.zguduireaadventismului.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:85b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.41.198.216 (Italy)

ASN20942 (ISP-ASN2, IT)
PTR: android.intesasanpaolo.com

www.intesasanpaolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	zguduireaadventismului.ro carti.zguduireaadventismului.ro	607 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1515 ka-f.fontawesome.com — Cisco Umbrella Rank: 2899	34 KB
3	intesasanpaolo.com www.intesasanpaolo.com — Cisco Umbrella Rank: 391529	12 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 284 fonts.googleapis.com — Cisco Umbrella Rank: 41	32 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 106432	97 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	thelibrary.ro 1 redirects www.thelibrary.ro	488 B
24	7

	Domain	Requested by
12	carti.zguduireaadventismului.ro	carti.zguduireaadventismului.ro
4	ka-f.fontawesome.com	kit.fontawesome.com
3	www.intesasanpaolo.com	carti.zguduireaadventismului.ro
2	cdn.tailwindcss.com	1 redirects carti.zguduireaadventismului.ro
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	carti.zguduireaadventismului.ro
1	ajax.googleapis.com	carti.zguduireaadventismului.ro
1	kit.fontawesome.com	carti.zguduireaadventismului.ro
1	www.thelibrary.ro	1 redirects
24	9

This site contains no links.

Subject Issuer	Validity	Valid
carti.zguduireaadventismului.ro cPanel, Inc. Certification Authority	`2022-09-10` - `2022-12-09`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
www.intesasanpaolo.com GlobalSign Extended Validation CA - SHA256 - G3	`2022-03-06` - `2023-04-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://carti.zguduireaadventismului.ro/intesa/
Frame ID: 42BD694DE8FDCA7F922D28E1F166DC64
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Entra - Intesa Sanpaolo

Page URL History Show full URLs

http://www.thelibrary.ro/go/ HTTP 302
https://carti.zguduireaadventismului.ro/intesa/ Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

8
IPs

5
Countries

826 kB
Transfer

1218 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thelibrary.ro/go/ HTTP 302
https://carti.zguduireaadventismului.ro/intesa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.1.8

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
carti.zguduireaadventismului.ro/intesa/
Redirect Chain

http://www.thelibrary.ro/go/
https://carti.zguduireaadventismului.ro/intesa/

8 KB
2 KB

202ms
64ms

Document
text/html

89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

3388a4bd0b4051a9a5db7d8c73f2b8e5a154337f692c5a36dff267825789f74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 2196
content-type: text/html; charset=UTF-8
date: Mon, 03 Oct 2022 01:11:33 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOW
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Oct 2022 01:11:33 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
location: https://carti.zguduireaadventismului.ro/intesa/

GET
H2

200

3.1.8 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.1.8

319 KB
97 KB

30ms
30ms

Script
text/javascript

2606:4700:20::681a:85b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.1.8

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Server

2606:4700:20::681a:85b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6e7e5263fa38ed2725e4be49d49fdca61aa60f92ffc1edbd0c3b47dc8c9e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:34 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Aug 2022 17:01:21 GMT
x-vercel-id: syd1::iad1::5cswb-1659718880314-e36b19295c12
server: cloudflare
age: 5040611
x-vercel-cache: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1yUz5zUNNPY%2B2Fhqk2x0YUSn1vQzv3wtCdOaxg48MJAqScxtHJ1pFtxLxJhfqW4tJIRp6%2FmfDyjs1bPZq2SayJp5I93lp4KyKsilY1uY2Erd7l17XMPR0H8U3ohpIujQj%2FMbWQjiLj8yCy93S2AgGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 7541cdfb1de69a2f-FRA

Redirect headers

date: Mon, 03 Oct 2022 01:11:34 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: syd1::iad1::7mr9q-1664758397438-d9723066cd19
server: cloudflare
age: 635
x-vercel-cache: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erjvnxU25dUzNuCX3LtlHDyYFsZfGFEvBaUTX7%2F6rnpNoWoLyRuz13GNfASK7e86LI0KVvWJlze0QyR9ZjFpuekYPsxQe3Pn81jdiU9IctkJazEj2veUA7SzdWKpSRjnAcYxuo4Hmpg482hjje9tik4%3D"}],"group":"cf-nel","max_age":604800}
location: /3.1.8
cache-control: max-age=14400
cf-ray: 7541cdfafdc29a2f-FRA
content-length: 0

GET
H2 200 887a93ffa3.js Show response
kit.fontawesome.com/ 11 KB
4 KB 83ms
35ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/887a93ffa3.js

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ee384f718fabd25f5c632e57a1c2a44a5ff17b14393eaa50f39a6a32410fd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://carti.zguduireaadventismului.ro/
Origin: https://carti.zguduireaadventismului.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:34 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7541cdfafdf89028-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FxpCoqJHNXKFl_BuLoyD

GET
H2 200 style.css
carti.zguduireaadventismului.ro/intesa/ 716 B
478 B 53ms
52ms Stylesheet
text/css 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://carti.zguduireaadventismului.ro/intesa/style.css

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

689543764219842da66004f3a666153952d55f2915363f579b7d2ff46ab7a422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: Accept-Encoding,User-Agent
content-type: text/css
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 403
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H/1.1 200
OK flag_eng.png
www.intesasanpaolo.com/content/dam/vetrina/design/ico/ 1 KB
3 KB 237ms
41ms Image
image/png 193.41.198.216
ISP-ASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intesasanpaolo.com/content/dam/vetrina/design/ico/flag_eng.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT),

Reverse DNS

android.intesasanpaolo.com

Software

Resource Hash

b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 01:11:35 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: "5de"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
Content-Type: image/png
X-Frame-Options: SAMEORIGIN
Access-Control-Expose-Headers: accept-ranges,content-encoding,content-length,content-range,deviceIDrba
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page
Content-Length: 1502
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK logo-intesasanpaolo.png
www.intesasanpaolo.com/etc/designs/vetrina/images/ 5 KB
6 KB 206ms
48ms Image
image/png 193.41.198.216
ISP-ASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intesasanpaolo.com/etc/designs/vetrina/images/logo-intesasanpaolo.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT),

Reverse DNS

android.intesasanpaolo.com

Software

Resource Hash

559bde803d8dedb905509859f3c1d14c9837788f2d5cf6ee26f1518f528d0cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 01:11:35 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: "146d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
Content-Type: image/png
X-Frame-Options: SAMEORIGIN
Access-Control-Expose-Headers: accept-ranges,content-encoding,content-length,content-range,deviceIDrba
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page
Content-Length: 5229
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK ico-parla-con-noi.png
www.intesasanpaolo.com/etc/designs/vetrina/images/ 2 KB
3 KB 211ms
50ms Image
image/png 193.41.198.216
ISP-ASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.intesasanpaolo.com/etc/designs/vetrina/images/ico-parla-con-noi.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.41.198.216 , Italy, ASN20942 (ISP-ASN2, IT),

Reverse DNS

android.intesasanpaolo.com

Software

Resource Hash

9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Mon, 03 Oct 2022 01:11:35 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
ETag: "785"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
Content-Type: image/png
X-Frame-Options: SAMEORIGIN
Access-Control-Expose-Headers: accept-ranges,content-encoding,content-length,content-range,deviceIDrba
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept,accept-encoding,accessmode,applicationname,authorization,bank-code,bt,caller,channel,clientversion,content-type,lang,operationsystem,origin,profilo-reset,useragent,x-isp-keyid,x-isp-signature,x-requested-with,formname,X-File-Size,cEgida,accept-language,connection,content-length,host,referer,accept-ranges,range,user-agent,devicemodel,geolocation,x-request-id,my-host,digest,signature,devicedna,f&f,deviceIDrba,deviceSignature,tipoCliente,x-bear-session-token,x-isp-session-id,x-isp-transaction-id,x-isp-execution,x-isp-cypher,x-isp-browsername,,x-ma-bid,x-ma-sid,x-ma-hostname,x-ma-pid,uniqueid,Page
Content-Length: 1925
Keep-Alive: timeout=2, max=100

GET
H2 200 ico-lock.png
carti.zguduireaadventismului.ro/intesa/assets/ 1 KB
1 KB 53ms
50ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/ico-lock.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

b0baff927a4d1df435510b5898c1d3af367400fd8666073591e89958d6ef23a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1318
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 login.png
carti.zguduireaadventismului.ro/intesa/assets/ 20 KB
20 KB 54ms
51ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/login.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

912890578a8183671eb727ec49bd3034e88e69e919e0f90b64698230c97518de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20543
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 info.png
carti.zguduireaadventismului.ro/intesa/assets/ 33 KB
33 KB 53ms
51ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/info.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

04175332786f8ad049fb530651000f9a3a460ca316b040f733363d5e0ed5ed35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33917
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 footer3.png
carti.zguduireaadventismului.ro/intesa/assets/ 53 KB
53 KB 53ms
50ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/footer3.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

7b924d3d3f6a8ac067c48b4dae0d719a5a74ab6cfda2d931d9e9f97baace8e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 53818
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 footer2.png
carti.zguduireaadventismului.ro/intesa/assets/ 50 KB
51 KB 99ms
97ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/footer2.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

fea6264da4d45352e34d8d5652a215e70afb023ae1fb30c0dbb661f0873f4e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 51545
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 footer1.png
carti.zguduireaadventismului.ro/intesa/assets/ 34 KB
35 KB 100ms
98ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/footer1.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

28e9e0ac31e359559bf26c1c6f86b89622032a1c9d270b6c9ea28416d09de038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35192
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 footer1m.png
carti.zguduireaadventismului.ro/intesa/assets/ 35 KB
36 KB 147ms
145ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/footer1m.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

7021f57054c68db84deb34e45a545419fe2bc5f1b65392c79dc92131f624c729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36129
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 footer2m.png
carti.zguduireaadventismului.ro/intesa/assets/ 47 KB
48 KB 146ms
144ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/footer2m.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

d9d202fa4859f396d5ee3892d23b8b3ff36b7120a6ee22ccb9d41058306eb49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 48518
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 footer3m.png
carti.zguduireaadventismului.ro/intesa/assets/ 36 KB
36 KB 146ms
145ms Image
image/png 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/footer3m.png

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

59efe04d446fdbe7ad049b0573cb116176d7906a97ac72a3a782d75d69fddc5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/png
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36535
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 12:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Oct 2023 12:49:51 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.2.0/css/ 100 KB
23 KB 145ms
29ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.0/css/free.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1081c5c02309927ef4aa2929fc0e14122fb47302d81ea4118acb9d643a1c65e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:35 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 16666
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
server: cloudflare
etag: W/"0fb4e5b70c498af98f246511192b899d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMXnu3mmucsKwK%2FBW1ps3u9HF1mOu%2FdcG%2BLlQRDGEK67rccfAexsBOk3ECYwMVVtXFRC7J4tBKj98LoMaLCzHdpvr1wechemkTkaGK%2BvDwNCOI%2B0A4E5sRNV0BkIY19N%2BfyZmof3CQdWJqN0lH5D1AR1Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7541cdfc6840bb91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: myfbovAaeC6woVvRxGgkt4PI8RtWwbqVTr644flJu9OlFeT-0OIu-A==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.2.0/css/ 27 KB
5 KB 148ms
32ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-shims.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c1651291bdbeeaf76023bf75ea9e024acecc85244905df86a5bd98e294e3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:35 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 16666
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
server: cloudflare
etag: W/"58dea8f45bf2685132179a837507637a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIgc2RyMKuGhysIbymE0MxrGtak%2BmeDFrxO5pf6t0xaimmVi38NWWKT0Mz2zKOj9mNLWMv0Ik5NSU6yEORQ0ogc5pDqABMfAu4ldeqhAe7PYsRj63E%2B43Q4W0pLkl4ui1GIJP9drYiHOibw9l6ZIQWEZPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7541cdfc6842bb91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: aTxSuuuDFdwlcnRZw3GNR4HbVDyh3Rb_ByYCbsyyV7AOHcLfjYT7Pw==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.2.0/css/ 823 B
728 B 143ms
27ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17e97452418b8595f162bfbd40f3fb96d1153cda5d2b0a49b0d0a05b01fce385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:35 GMT
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 16666
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
server: cloudflare
etag: W/"e2e288c32f411dc30c0c399302a30654"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Mq3Dur9WrQQ3aTjdXLL3K%2Fwf3Ydgu6mLVqPPjNQzauptKbQuqy1%2BTTY3mF3y3GrcjnqPVTENGpiPpZdU%2FjKgTZ%2BflEyvnY38Bq26KwlDxLRPluoRhycRa3Gc2NE1AnBJZ4IpQgPJ5T9nDQTgFXQHkCR5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7541cdfc6843bb91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kRFUgbhJiHgORrOBJSkOHm4UdKucDW84PsJEATXKKiulukUdpEcGqQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.2.0/css/ 2 KB
1 KB 141ms
26ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-font-face.min.css?token=887a93ffa3
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/887a93ffa3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657b38d408d6552df456c765be754c08e6dee14da828fcfc3a05d25567d01521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:35 GMT
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 16666
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
server: cloudflare
etag: W/"a0adfe3c7bd1fa905b7f3b5ecea27889"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svAynQjHAeU0U19dIO81pwiHjtmXrWV3rcrUVQCZ2Dldc9BUNI16ZTrS4QSGwjCZ2TzzZ9Upv8MDOZRpITGzm8wJUGXSz5fU79KmhBVYD5yEJhvoPizCBa66NzJBR4g46OemKApEYeOA0aXoNNy7ldV%2B9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7541cdfc6844bb91-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: F3l9p6rNnNoRYxNo2Ox8OUpLe2NSBtPmIBUtiQASTqJpQMxQYkt1jg==

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 166ms
52ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Oct 2022 01:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 23:49:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Oct 2022 01:11:35 GMT

GET
H2 200 bg.jpeg
carti.zguduireaadventismului.ro/intesa/assets/ 290 KB
292 KB 67ms
67ms Image
image/jpeg 89.40.16.195
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://carti.zguduireaadventismului.ro/intesa/assets/bg.jpeg

Requested by

Host: carti.zguduireaadventismului.ro
URL: https://carti.zguduireaadventismului.ro/intesa/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

89.40.16.195 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),

Reverse DNS

server.fii.digital

Software

Apache /

Resource Hash

9cef654d6ddef27c675f61e68b6e3ff66e78e12bb7f42580c9cbb0427d1f4107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://carti.zguduireaadventismului.ro/intesa/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 01:11:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Sep 2022 17:10:49 GMT
server: Apache
x-frame-options: ALLOW
vary: User-Agent
content-type: image/jpeg
x-web-hosting: Server Cloud administrat de catre NSHOST.RO - https://www.nshost.ro/
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 296563
x-xss-protection: 1; mode=block
expires: max-age=2592000, public

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 54ms
15ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://carti.zguduireaadventismului.ro
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 541261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 18:50:34 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Intesa Sanpaolo (Banking)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.thelibrary.ro/	1969-12-31 23:59:59	Name: PHPSESSID Value: ae2e4ou2avbb1dcife1ad408t5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
carti.zguduireaadventismului.ro
cdn.tailwindcss.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
www.intesasanpaolo.com
www.thelibrary.ro
193.41.198.216
2606:4700:20::681a:85b
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
2a00:1450:400d:80c::200a
89.40.16.195
93.115.53.85
04175332786f8ad049fb530651000f9a3a460ca316b040f733363d5e0ed5ed35
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17e97452418b8595f162bfbd40f3fb96d1153cda5d2b0a49b0d0a05b01fce385
28e9e0ac31e359559bf26c1c6f86b89622032a1c9d270b6c9ea28416d09de038
2d6e7e5263fa38ed2725e4be49d49fdca61aa60f92ffc1edbd0c3b47dc8c9e2b
3388a4bd0b4051a9a5db7d8c73f2b8e5a154337f692c5a36dff267825789f74e
559bde803d8dedb905509859f3c1d14c9837788f2d5cf6ee26f1518f528d0cf8
59efe04d446fdbe7ad049b0573cb116176d7906a97ac72a3a782d75d69fddc5e
5ee384f718fabd25f5c632e57a1c2a44a5ff17b14393eaa50f39a6a32410fd99
657b38d408d6552df456c765be754c08e6dee14da828fcfc3a05d25567d01521
689543764219842da66004f3a666153952d55f2915363f579b7d2ff46ab7a422
7021f57054c68db84deb34e45a545419fe2bc5f1b65392c79dc92131f624c729
7b924d3d3f6a8ac067c48b4dae0d719a5a74ab6cfda2d931d9e9f97baace8e72
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88bfe7db247ca84495ed523a0f205d38704aa288e1d3e119306584394464091b
912890578a8183671eb727ec49bd3034e88e69e919e0f90b64698230c97518de
9cef654d6ddef27c675f61e68b6e3ff66e78e12bb7f42580c9cbb0427d1f4107
9e5f7acbc049c135bfae2d725aa23aeced8e05320aadf2629ca8fa11f5dafb14
b0baff927a4d1df435510b5898c1d3af367400fd8666073591e89958d6ef23a8
b9cf5ac56dd524668e1156759674215a9224dcaec961914e0e36c2c0efcb9bc0
c1081c5c02309927ef4aa2929fc0e14122fb47302d81ea4118acb9d643a1c65e
c6c1651291bdbeeaf76023bf75ea9e024acecc85244905df86a5bd98e294e3c0
d9d202fa4859f396d5ee3892d23b8b3ff36b7120a6ee22ccb9d41058306eb49b
fea6264da4d45352e34d8d5652a215e70afb023ae1fb30c0dbb661f0873f4e5e

carti.zguduireaadventismului.ro Open in urlscan Pro 89.40.16.195 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

67 %IPv6

7 Domains

9 Subdomains

8 IPs

5 Countries

826 kBTransfer

1218 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

carti.zguduireaadventismului.ro Open in urlscan Pro
89.40.16.195 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

8
IPs

5
Countries

826 kB
Transfer

1218 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!