login.cabinetbiorezonanta.ro Open in urlscan Pro
89.41.38.48  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response login.cabinetbiorezonanta.ro/	45 KB 8 KB	253ms 54ms	Document text/html	89.41.38.48 ROMARG HOSTING
General Check archive.org Show headers Download Go to Full URL https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 89.41.38.48 , Romania, ASN205275 (ROMARG HOSTING, RO), Reverse DNS Software Apache / Resource Hash 24f85c7538a8b17f9fd5ba2e0fe97e798d352fb9c866e0bd2db17ab35e314a0c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 8377 content-type text/html date Mon, 19 Jun 2023 12:54:44 GMT last-modified Fri, 02 Jun 2023 16:44:08 GMT server Apache vary Accept-Encoding
GET H2	200	style.css login.cabinetbiorezonanta.ro/assets/	144 KB 21 KB	59ms 59ms	Stylesheet text/css	89.41.38.48 ROMARG HOSTING
General Check archive.org Show headers Download Go to Full URL https://login.cabinetbiorezonanta.ro/assets/style.css Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 89.41.38.48 , Romania, ASN205275 (ROMARG HOSTING, RO), Reverse DNS Software Apache / Resource Hash 0d35c23a6813d07463bdda22d4c0ddc4c96e56ad8d68312c97249acf672724a4 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:44 GMT content-encoding br last-modified Mon, 09 Jan 2023 14:19:14 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 21398
GET H2	200	icon-PN-check.png www.paypalobjects.com/images/shared/	2 KB 2 KB	97ms 21ms	Image image/png	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/images/shared/icon-PN-check.png Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CAF) / Resource Hash 4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff last-modified Sat, 13 Feb 2021 00:20:23 GMT accept-ch DPR, Viewport-Width, Width, ECT, Downlink server ECAcc (frc/4CAF) etag "60271b47-8bc" x-cache HIT content-type image/png paypal-debug-id 42e2a8b8a39ff cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 2236 expires Mon, 19 Jun 2023 13:54:45 GMT
GET H2	200	glyph_alert_critical_big-2x.png www.paypalobjects.com/images/shared/	6 KB 6 KB	96ms 22ms	Image image/png	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CA8) / Resource Hash 13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff last-modified Fri, 12 Sep 2014 15:08:04 GMT accept-ch DPR, Viewport-Width, Width, ECT, Downlink server ECAcc (frc/4CA8) etag "54130c54-16c4" x-cache HIT content-type image/png paypal-debug-id d1e8f59f24b7 cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes dc ccg11-origin-www-1.paypal.com content-length 5828 expires Mon, 19 Jun 2023 13:54:45 GMT
GET H2	200	sweetalert2@11 Show response cdn.jsdelivr.net/npm/	66 KB 19 KB	73ms 21ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@11 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d836e0e75cb17daeea67c0922aab0dc47b6987c5077606f3c5717d00db72247a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 19 Jun 2023 12:54:45 GMT x-content-type-options nosniff content-encoding br age 12164 x-jsd-version 11.7.12 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 19486 x-served-by cache-fra-eddf8230139-FRA x-jsd-version-type version etag W/"109b9-+rpF2xPZ/NuPuP6MI/GG7UC13uQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	173 KB 64 KB	87ms 36ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-267157441-1 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8e0bcabb284ba8bba07d243755e942886fcac15ef78099816b182b8ef2227265 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 64690 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Jun 2023 12:54:45 GMT
GET H2	200	paypal-mark-color.svg www.paypalobjects.com/paypal-ui/logos/svg/	1 KB 924 B	27ms 20ms	Image image/svg+xml	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/assets/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CB4) / Resource Hash f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload x-cache HIT paypal-debug-id 722fad029507 dc ccg11-origin-www-1.paypal.com content-length 548 last-modified Wed, 15 Jun 2022 22:33:20 GMT server ECAcc (frc/4CB4) etag "62aa5e30-436" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Mon, 19 Jun 2023 13:54:45 GMT
GET H2	200	PayPalSansBig-Regular.woff2 www.paypalobjects.com/paypal-ui/fonts/	25 KB 25 KB	93ms 28ms	Font application/font-woff2	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/assets/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4D0A) / Resource Hash 1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.cabinetbiorezonanta.ro/ Origin https://login.cabinetbiorezonanta.ro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id 6149ee5c0ee5 dc ccg11-origin-www-1.paypal.com content-length 25368 last-modified Sat, 13 Feb 2021 00:27:06 GMT server ECAcc (frc/4D0A) traceparent 00-000000000000000000006149ee5c0ee5-70ef4d6f347210e1-01 etag "60271cda-6318" content-type application/font-woff2 access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Mon, 19 Jun 2023 13:54:45 GMT
GET H2	200	PayPalSansBig-Medium.woff2 www.paypalobjects.com/paypal-ui/fonts/	18 KB 18 KB	90ms 27ms	Font application/font-woff2	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/assets/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4C95) / Resource Hash 2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.cabinetbiorezonanta.ro/ Origin https://login.cabinetbiorezonanta.ro accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id d00f0e31003ec dc ccg11-origin-www-1.paypal.com content-length 18508 last-modified Sat, 13 Feb 2021 00:27:06 GMT server ECAcc (frc/4C95) traceparent 00-0000000000000000000d00f0e31003ec-346b6722378ccfe1-01 etag "60271cda-484c" content-type application/font-woff2 access-control-allow-origin * cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Mon, 19 Jun 2023 13:54:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	216 KB 77 KB	39ms 38ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-QTQ9WHWQ6H&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-267157441-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1af3d47c249fd1fbdc5324334f10b3ff8a73f19f387227de4f1b0b71d84d6f84 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Mon, 19 Jun 2023 12:54:45 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79107 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 19 Jun 2023 12:54:45 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	83ms 24ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-267157441-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 19 Jun 2023 12:35:22 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 1164 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Mon, 19 Jun 2023 14:35:22 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 262 B	81ms 28ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-QTQ9WHWQ6H&gtm=45je36e0&_p=1714545544&_gaz=1&cid=217286540.1687179286&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687179286&sct=1&seg=0&dl=https%3A%2F%2Flogin.cabinetbiorezonanta.ro%2F&dt=Log%20in%20to%20your%20account&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QTQ9WHWQ6H&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Mon, 19 Jun 2023 12:54:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://login.cabinetbiorezonanta.ro cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 262 B	92ms 26ms	Ping text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QTQ9WHWQ6H&cid=217286540.1687179286&gtm=45je36e0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QTQ9WHWQ6H&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Mon, 19 Jun 2023 12:54:46 GMT server Golfe2 content-type text/plain access-control-allow-origin https://login.cabinetbiorezonanta.ro cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	97ms 44ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QTQ9WHWQ6H&cid=217286540.1687179286&gtm=45je36e0&aip=1&z=1540033890 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Mon, 19 Jun 2023 12:54:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 215 B	28ms 27ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1714545544&t=pageview&_s=1&dl=https%3A%2F%2Flogin.cabinetbiorezonanta.ro%2F&ul=en-us&de=UTF-8&dt=Log%20in%20to%20your%20account&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=262974113&gjid=1636817365&cid=217286540.1687179286&tid=UA-267157441-1&_gid=172194379.1687179286&_r=1&gtm=457e36e0&jsscut=1&z=699837346 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://login.cabinetbiorezonanta.ro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 19 Jun 2023 12:54:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://login.cabinetbiorezonanta.ro cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	28ms 27ms	XHR text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-267157441-1&cid=217286540.1687179286&jid=262974113&gjid=1636817365&_gid=172194379.1687179286&_u=YADAAUAAAAAAACAAI~&z=665935507 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://login.cabinetbiorezonanta.ro/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 19 Jun 2023 12:54:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://login.cabinetbiorezonanta.ro cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	104ms 45ms	Image image/gif	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-267157441-1&cid=217286540.1687179286&jid=262974113&_u=YADAAUAAAAAAACAAI~&z=572527816 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Mon, 19 Jun 2023 12:54:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	48ms 47ms	Image image/gif	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-267157441-1&cid=217286540.1687179286&jid=262974113&_u=YADAAUAAAAAAACAAI~&z=572527816 Requested by Host: login.cabinetbiorezonanta.ro URL: https://login.cabinetbiorezonanta.ro/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://login.cabinetbiorezonanta.ro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Mon, 19 Jun 2023 12:54:46 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cabinetbiorezonanta.ro/	1970-01-20 22:15:39	Name: _ga_QTQ9WHWQ6H Value: GS1.1.1687179286.1.0.1687179286.60.0.0
			.cabinetbiorezonanta.ro/	1970-01-20 22:15:39	Name: _ga Value: GA1.2.217286540.1687179286
			.cabinetbiorezonanta.ro/	1970-01-20 12:41:05	Name: _gid Value: GA1.2.172194379.1687179286
			.cabinetbiorezonanta.ro/	1970-01-20 12:39:39	Name: _gat_gtag_UA_267157441_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
login.cabinetbiorezonanta.ro
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.paypalobjects.com
192.229.221.25
2001:4860:4802:34::36
2a00:1450:4001:802::2003
2a00:1450:4001:806::2004
2a00:1450:4001:810::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c0c::9d
2a04:4e42:200::485
89.41.38.48
0d35c23a6813d07463bdda22d4c0ddc4c96e56ad8d68312c97249acf672724a4
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
1af3d47c249fd1fbdc5324334f10b3ff8a73f19f387227de4f1b0b71d84d6f84
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
24f85c7538a8b17f9fd5ba2e0fe97e798d352fb9c866e0bd2db17ab35e314a0c
2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e0bcabb284ba8bba07d243755e942886fcac15ef78099816b182b8ef2227265
d836e0e75cb17daeea67c0922aab0dc47b6987c5077606f3c5717d00db72247a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5