anvicenter.ro Open in urlscan Pro
109.99.162.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://anvicenter.ro/book/wells/loginmobile?country=United+States&iso=US&wells_id=956225db5b50bc3305f407b29
Effective URL:
https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Submission: On September 16 via manual (September 16th 2021, 5:32:42 am UTC) from RO — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 109.99.162.15, located in Bucharest, Romania and belongs to RTD Bucharest, Romania, RO. The main domain is anvicenter.ro.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 8th 2021. Valid for: 3 months.

This is the only time anvicenter.ro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 18	109.99.162.15 109.99.162.15	9050 (RTD Bucha...) (RTD Bucharest)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	3

18 109.99.162.15 (Bucharest, Romania) 2 redirects

ASN9050 (RTD Bucharest, Romania, RO)
PTR: cpanel5.romtelecom.net

anvicenter.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	anvicenter.ro 2 redirects anvicenter.ro	211 KB
2	cloudflare.com cdnjs.cloudflare.com	10 KB
1	googleapis.com ajax.googleapis.com	31 KB
19	3

	Domain	Requested by
18	anvicenter.ro	2 redirects anvicenter.ro
2	cdnjs.cloudflare.com	anvicenter.ro cdnjs.cloudflare.com
1	ajax.googleapis.com	anvicenter.ro
19	3

This site contains no links.

Subject Issuer	Validity	Valid
anvicenter.ro cPanel, Inc. Certification Authority	`2021-09-08` - `2021-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Frame ID: 0AC6EF1CD826016F12DDA709A7791197
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign On to View Your Personal Accounts | Wells Fargo

Page URL History Show full URLs

https://anvicenter.ro/book/wells/loginmobile?country=United+States&iso=US&wells_id=956225db5b50bc3... HTTP 302
https://anvicenter.ro/book/wells/index HTTP 302
https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

251 kB
Transfer

412 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://anvicenter.ro/book/wells/loginmobile?country=United+States&iso=US&wells_id=956225db5b50bc3305f407b29 HTTP 302
https://anvicenter.ro/book/wells/index HTTP 302
https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
anvicenter.ro/book/wells/
Redirect Chain

https://anvicenter.ro/book/wells/loginmobile?country=United+States&iso=US&wells_id=956225db5b50bc3305f407b29
https://anvicenter.ro/book/wells/index
https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

9 KB
3 KB

339ms
339ms

Document
text/html

109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),
Reverse DNS: cpanel5.romtelecom.net
Software: Apache /
Resource Hash: 9cab43a77ff1f4e55574c4718e3c186d9254bb26d48f49d88d19b4bd7882caf3

Request headers

Host: anvicenter.ro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 16 Sep 2021 05:32:37 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 16 Sep 2021 05:32:37 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK global.css
anvicenter.ro/book/wells/Spox/Files/css/ 16 KB
4 KB 129ms
128ms Stylesheet
text/css 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL

https://anvicenter.ro/book/wells/Spox/Files/css/global.css

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

4cc21ce71aaefb6a012cb4647e61c86298d8a0d60f62818ab14d7bdad24aa0df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:34:34 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3358
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK enhanced-header.css
anvicenter.ro/book/wells/Spox/Files/css/ 4 KB
1 KB 130ms
129ms Stylesheet
text/css 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL

https://anvicenter.ro/book/wells/Spox/Files/css/enhanced-header.css

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

deb53a41129bb6d1f55e7c0fa8f624d7fef0837822b0c0e3ead659100ae7fee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 31 Aug 2019 15:15:26 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 970
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK content.css
anvicenter.ro/book/wells/Spox/Files/css/ 1 KB
1011 B 155ms
84ms Stylesheet
text/css 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL

https://anvicenter.ro/book/wells/Spox/Files/css/content.css

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

96205749f37d9000d1d06e229392940562cde4f22f3af95400df7ccdf383c819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:28:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 574
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK wf.css
anvicenter.ro/book/wells/Spox/Files/css/ 199 B
580 B 162ms
91ms Stylesheet
text/css 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL

https://anvicenter.ro/book/wells/Spox/Files/css/wf.css

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

5b38f2f8c09ad0b050e4ec97524f3eb95b8c1fa2cf1b5a922eb4172608e4afc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:34:38 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 143
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK enhanced-footer.css
anvicenter.ro/book/wells/Spox/Files/css/ 3 KB
1 KB 160ms
88ms Stylesheet
text/css 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL

https://anvicenter.ro/book/wells/Spox/Files/css/enhanced-footer.css

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

d38a22066082294d424f40db61eb42114dcf8d84b7ecd87ed460c3b8cf8c8a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:28:32 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 970
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK tccc.svg
anvicenter.ro/book/wells/Spox/Files/img/ 6 KB
3 KB 179ms
107ms Image
image/svg+xml 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/tccc.svg

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

f8cb039a63b11f207edf324bbfdabbbfaa2d421729785dca77020490c293185e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:12:10 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2381
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK ba7t.svg
anvicenter.ro/book/wells/Spox/Files/img/ 2 KB
2 KB 80ms
79ms Image
image/svg+xml 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/ba7t.svg

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

d8401dffb0fbd458ce8332222f9a1d3431bcba86f9401debf60e7783242d4150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:13:10 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1112
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK WF_stagecoach_rgb_ylw_F1.svg
anvicenter.ro/book/wells/Spox/Files/img/ 226 KB
165 KB 91ms
91ms Image
image/svg+xml 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/WF_stagecoach_rgb_ylw_F1.svg

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

9843ab395fb4cf414353b03927156a9d38c3cc3157469afd9ee97f2058445e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:13:56 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK alert_login.png
anvicenter.ro/book/wells/Spox/Files/img/ 330 B
728 B 81ms
80ms Image
image/png 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/alert_login.png

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

51adbf5bc6f1f859b465cdba71920ad306f53c1898dcf4a5c53e174942cac4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 19:02:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 330
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Sep 2022 05:32:38 GMT

GET
H/1.1 200
OK down.png
anvicenter.ro/book/wells/Spox/Files/img/ 467 B
865 B 88ms
87ms Image
image/png 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/down.png

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:15:08 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 467
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Sep 2022 05:32:38 GMT

GET
H/1.1 200
OK closex.png
anvicenter.ro/book/wells/Spox/Files/img/ 2 KB
2 KB 85ms
85ms Image
image/png 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/closex.png

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:15:36 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1676
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Sep 2022 05:32:38 GMT

GET
H/1.1 200
OK save.png
anvicenter.ro/book/wells/Spox/Files/img/ 889 B
1 KB 94ms
82ms Image
image/png 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/save.png

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

f7899cfdbc342decc4aeb0bae9ada39bfaa8ae3c687fc72119fca2efdf77dff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:09:58 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 889
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Sep 2022 05:32:38 GMT

GET
H/1.1 200
OK go.png
anvicenter.ro/book/wells/Spox/Files/img/ 1 KB
1 KB 134ms
80ms Image
image/png 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/go.png

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:17:04 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1036
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Sep 2022 05:32:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 13 Sep 2022 10:40:59 GMT

GET
H2 200 jquery.form-validator.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/ 29 KB
9 KB 33ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/login?wells_id=ffdbd37efc4c4bcaf447f4ca3&country=Germany&iso=DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 269087
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8247
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-72c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8dueMdOLuiE5Hho7TCjJe9n5VdnNP0KpKIez3IK18Ny0domxwOpS%2BbWAX6CMoVG7PrJwalUrYeV4K6hs7WLJ96PkmAIdwFEg0VoVXrKwl6IvWd6K5loc6RdkciY5A71BWF%2FzVZ0itBqCfTkDFg4VjK1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7b722dc746987-FRA
expires: Tue, 06 Sep 2022 05:32:38 GMT

GET
H2 200 toggleDisabled.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/ 1 KB
949 B 18ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256a06c938ecc394af763d147219fa14033d3528b1ed9da5f1e2f2ddbc8d2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 28126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 628
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BTAjZKrIj0TW%2FKGkN2Ow%2BpdH0Uae9MqrW6XfqFVR9tOrYXeUiICWyq3xhBqcpPnNDnBOAFoIDWYsf0r9DlBiHqnrnBABdUszTnyzzFdtDZqLoGrISdfDBJwyKRBkxErHOgT%2FAmXcCWH1a%2FkzTc9W0%2BF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68f7b723de666987-FRA
expires: Tue, 06 Sep 2022 05:32:38 GMT

GET
H/1.1 200
OK WellsFargoSans_W_Rg.woff2
anvicenter.ro/book/wells/Spox/Files/css/ 22 KB
22 KB 79ms
79ms Font
font/woff2 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to

Full URL

https://anvicenter.ro/book/wells/Spox/Files/css/WellsFargoSans_W_Rg.woff2

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/Spox/Files/css/wf.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

ecf9cc76cd1cf5e206fd8407e7db65807bb6ddeec390d0bb9f2f8277cda91f61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://anvicenter.ro
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://anvicenter.ro/book/wells/Spox/Files/css/wf.css
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Referer: https://anvicenter.ro/book/wells/Spox/Files/css/wf.css
Origin: https://anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:31:50 GMT
Server: Apache
Vary: User-Agent
Content-Type: font/woff2
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22500
X-XSS-Protection: 1; mode=block
Expires: Sat, 16 Oct 2021 05:32:38 GMT

GET
H/1.1 200
OK er1.png
anvicenter.ro/book/wells/Spox/Files/img/ 839 B
1 KB 152ms
98ms Image
image/png 109.99.162.15
RTD Bucharest

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anvicenter.ro/book/wells/Spox/Files/img/er1.png

Requested by

Host: anvicenter.ro
URL: https://anvicenter.ro/book/wells/Spox/Files/css/global.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

109.99.162.15 Bucharest, Romania, ASN9050 (RTD Bucharest, Romania, RO),

Reverse DNS

cpanel5.romtelecom.net

Software

Apache /

Resource Hash

b99dead0deb91299630edd2fdc72855aac3836ea262473d47348e218a7744264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: anvicenter.ro
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://anvicenter.ro/book/wells/Spox/Files/css/global.css
Cookie: PHPSESSID=0f85306f09a919ff9b96dce4ab3da346
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://anvicenter.ro/book/wells/Spox/Files/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 05:32:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 30 Aug 2019 18:33:02 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 839
X-XSS-Protection: 1; mode=block
Expires: Fri, 16 Sep 2022 05:32:38 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			anvicenter.ro/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0f85306f09a919ff9b96dce4ab3da346

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
anvicenter.ro
cdnjs.cloudflare.com
109.99.162.15
2606:4700::6810:135e
2a00:1450:4001:827::200a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
256a06c938ecc394af763d147219fa14033d3528b1ed9da5f1e2f2ddbc8d2b08
4cc21ce71aaefb6a012cb4647e61c86298d8a0d60f62818ab14d7bdad24aa0df
5145f5faf6c1269bdd974357ed344b9cd5f4e4cea424c14dd302a9c11a206741
51adbf5bc6f1f859b465cdba71920ad306f53c1898dcf4a5c53e174942cac4c0
5b38f2f8c09ad0b050e4ec97524f3eb95b8c1fa2cf1b5a922eb4172608e4afc1
96205749f37d9000d1d06e229392940562cde4f22f3af95400df7ccdf383c819
9843ab395fb4cf414353b03927156a9d38c3cc3157469afd9ee97f2058445e39
9cab43a77ff1f4e55574c4718e3c186d9254bb26d48f49d88d19b4bd7882caf3
b319b049366dde73690990738ac5af4fb9937d18abac85b01aaff185b5262868
b99dead0deb91299630edd2fdc72855aac3836ea262473d47348e218a7744264
d38a22066082294d424f40db61eb42114dcf8d84b7ecd87ed460c3b8cf8c8a7f
d8401dffb0fbd458ce8332222f9a1d3431bcba86f9401debf60e7783242d4150
deb53a41129bb6d1f55e7c0fa8f624d7fef0837822b0c0e3ead659100ae7fee2
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d
ecf9cc76cd1cf5e206fd8407e7db65807bb6ddeec390d0bb9f2f8277cda91f61
f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a
f7899cfdbc342decc4aeb0bae9ada39bfaa8ae3c687fc72119fca2efdf77dff2
f8cb039a63b11f207edf324bbfdabbbfaa2d421729785dca77020490c293185e

anvicenter.ro Open in urlscan Pro 109.99.162.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

251 kBTransfer

412 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

anvicenter.ro Open in urlscan Pro
109.99.162.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

251 kB
Transfer

412 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!