urlscan.io logo urlscan.io
SecurityTrails logo

urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead7  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlz.fr/hO8Q
Effective URL: http://urlz.fr/hO8Q
Submission Tags: phishing
Submission: On March 28 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 30 domains to perform 97 HTTP transactions. The main IP is 2606:4700:3038::6815:ead7, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr. The Cisco Umbrella rank of the primary domain is 381218.
This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

3    2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
27    77.222.61.25 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh289.sweb.ru
vrbnk0000t.temp.swtest.ru
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ads.themoneytizer.com
2    2606:4700:10::ac43:2a23 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.adxcore.com
5    2600:9000:2156:5e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
2    2a00:1450:4001:80e::2002 (None, )

ASN- ()
pagead2.googlesyndication.com
3    54.38.64.100 (None, )

ASN- ()
c.tmyzer.com
1    2.16.186.26 (None, )

ASN- ()
ced.sascdn.com
1    2a02:2638:1::13 (None, )

ASN- ()
gum.criteo.com
1    2a02:26f0:6c00::210:ba18 (None, )

ASN- ()
csync-global.smartadserver.com
1    2a02:26f0:f7::5c7b:e12b (None, )

ASN- ()
csync-eu.smartadserver.com
1    2606:4700:10::ac43:db6 (None, )

ASN- ()
spl.zeotap.com
1    145.239.192.166 (None, )

ASN- ()
tag.leadplace.fr
1    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
1    2620:116:800d:21:ee05:6a01:4b41:8c89 (None, )

ASN- ()
secure.quantserve.com
1    52.215.1.116 (None, )

ASN- ()
p.cpx.to
1    18.64.84.97 (None, )

ASN- ()
d2zur9cc2gf1tx.cloudfront.net
1    2.18.234.21 (None, )

ASN- ()
js-sec.indexww.com
2    2a00:1450:4001:827::200e (None, )

ASN- ()
www.google-analytics.com
2    143.204.95.188 (None, )

ASN- ()
c.amazon-adsystem.com
3    5.39.39.173 (None, )

ASN- ()
l.adxcore.com
2    2600:9000:2156:ee00:6:44e3:f8c0:93a1 (None, )

ASN- ()
rules.quantcount.com
1    2600:9000:2156:5000:3:a4cd:8380:93a1 (None, )

ASN- ()
test.quantcast.mgr.consensu.org
1    2a00:1450:4001:812::2002 (None, )

ASN- ()
googleads.g.doubleclick.net
1    2a00:1450:4001:803::200a (None, )

ASN- ()
ajax.googleapis.com
1    51.89.21.8 (None, )

ASN- ()
id5-sync.com
1    2600:9000:2156:8c00:19:2cf2:a900:93a1 (None, )

ASN- ()
currency.prebid.org
Apex Domain
Subdomains		 Transfer
27 swtest.ru
vrbnk0000t.temp.swtest.ru
1024 KB
15 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 25926
274 KB
6 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2430
test.quantcast.mgr.consensu.org
179 KB
5 adxcore.com
ad.adxcore.com — Cisco Umbrella Rank: 266032
l.adxcore.com
205 KB
3 tmyzer.com
c.tmyzer.com
814 B
3 urlz.fr
urlz.fr — Cisco Umbrella Rank: 381218
8 KB
2 quantcount.com
rules.quantcount.com
1 KB
2 amazon-adsystem.com
c.amazon-adsystem.com
40 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 smartadserver.com
csync-global.smartadserver.com
csync-eu.smartadserver.com
281 B
2 googlesyndication.com
pagead2.googlesyndication.com
160 KB
1 prebid.org
currency.prebid.org
2 KB
1 id5-sync.com
id5-sync.com
1009 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 doubleclick.net
googleads.g.doubleclick.net
5 KB
1 indexww.com
js-sec.indexww.com
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 cpx.to
p.cpx.to
s.cpx.to Failed
2 KB
1 quantserve.com
secure.quantserve.com
10 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1112
814 B
1 leadplace.fr
tag.leadplace.fr
6 KB
1 zeotap.com
spl.zeotap.com
20 KB
1 criteo.com
gum.criteo.com
373 B
1 sascdn.com
ced.sascdn.com
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 132
37 KB
0 casalemedia.com Failed
as-sec.casalemedia.com Failed
0 missena.io Failed
ad.missena.io Failed
0 adleadevent.com Failed
adtrack.adleadevent.com Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
97 30
Domain Requested by
27 vrbnk0000t.temp.swtest.ru urlz.fr
vrbnk0000t.temp.swtest.ru
15 ads.themoneytizer.com 6 redirects urlz.fr
ads.themoneytizer.com
5 quantcast.mgr.consensu.org urlz.fr
quantcast.mgr.consensu.org
3 l.adxcore.com
3 c.tmyzer.com ads.themoneytizer.com
3 urlz.fr 1 redirects urlz.fr
2 rules.quantcount.com 1 redirects
2 c.amazon-adsystem.com ad.adxcore.com
c.amazon-adsystem.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pagead2.googlesyndication.com ad.adxcore.com
pagead2.googlesyndication.com
2 ad.adxcore.com urlz.fr
ad.adxcore.com
1 currency.prebid.org ad.adxcore.com
1 id5-sync.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 csync-eu.smartadserver.com
1 csync-global.smartadserver.com 1 redirects
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 www.googletagmanager.com urlz.fr
0 as-sec.casalemedia.com Failed js-sec.indexww.com
0 ad.missena.io Failed ad.adxcore.com
0 adtrack.adleadevent.com Failed ajax.googleapis.com
0 s.cpx.to Failed p.cpx.to
0 match.adsrvr.org Failed js-sec.indexww.com
0 api.rlcdn.com Failed js-sec.indexww.com
97 34

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2022-03-25 -
2023-04-23		 a year crt.sh
*.themoneytizer.com
GoGetSSL RSA DV CA		 2022-03-10 -
2023-04-10		 a year crt.sh
c.tmyzer.com
R3		 2022-01-30 -
2022-04-30		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.adxcore.com
Gandi Standard SSL CA 2		 2022-01-25 -
2023-02-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.prebid.org
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh

This page contains 5 frames:

Primary Page: http://urlz.fr/hO8Q
Frame ID: 0505C879FDBDBAAE103F14C69D23E9C2
Requests: 52 HTTP requests in this frame

Frame: http://vrbnk0000t.temp.swtest.ru/Login.php
Frame ID: 605262C913B2AF06EF225A7C3A4E8D65
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1648482751945
Frame ID: 32AE8B67EC2F72BAE43A08003B8919B5
Requests: 1 HTTP requests in this frame

Frame: http://vrbnk0000t.temp.swtest.ru/Login.php
Frame ID: 0265895B0BD12F07C509FCC2897F9FCC
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: 78D5887A58C9F8D9A5B0E1C306ABF337
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Portal für Privatkunden - Volksbank Raiffeisenbank

Page URL History Show full URLs

  1. https://urlz.fr/hO8Q HTTP 301
    http://urlz.fr/hO8Q Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:ad\.advertstream\.com|adxcore\.com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

34 %
HTTPS

57 %
IPv6

30
Domains

34
Subdomains

28
IPs

4
Countries

2092 kB
Transfer

6318 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/hO8Q HTTP 301
    http://urlz.fr/hO8Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6 HTTP 302
  • https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Request Chain 4
  • http://ads.themoneytizer.com/s/gen.js?type=6 HTTP 302
  • https://ads.themoneytizer.com/s/gen.js?type=6
Request Chain 5
  • http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28 HTTP 302
  • https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Request Chain 6
  • http://ads.themoneytizer.com/s/gen.js?type=28 HTTP 302
  • https://ads.themoneytizer.com/s/gen.js?type=28
Request Chain 7
  • http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 HTTP 302
  • https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Request Chain 8
  • http://ads.themoneytizer.com/s/gen.js?type=1 HTTP 302
  • https://ads.themoneytizer.com/s/gen.js?type=1
Request Chain 36
  • https://csync-global.smartadserver.com/1097/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/1097/CookieSync.html
Request Chain 53
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 57
  • http://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 HTTP 308
  • https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hO8Q
urlz.fr/
Redirect Chain
  • https://urlz.fr/hO8Q
  • http://urlz.fr/hO8Q
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/hO8Q
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a38eb279deb26c3dbebe12f03b3c836c9b3a16f030388e3d143ae5478de2890

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 28 Mar 2022 15:52:27 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 28 Mar 2022 15:53:27 GMT
Cache-Control
max-age=60
X-FastCGI-Cache
MISS
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWGyF1ldDcy8Ey5%2BYA66p%2FgawKlhT3ZDOFh%2FjZHkG0h%2BOSRikqpENWzOVSMK5J4Hqa0Edbv1nW0l9EAgpzywXjLlwkJeM9YTpbL7NsG4dskkeAIHPkGImMEK1A91aV4gWI1rpLJn"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6f3188765f05739f-MRS
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 28 Mar 2022 15:52:27 GMT
content-type
text/html; charset=UTF-8
location
http://urlz.fr/hO8Q
expires
Mon, 28 Mar 2022 15:53:27 GMT
cache-control
max-age=60
x-fastcgi-cache
HIT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHoeMRkiv3pXqbPyj5%2FkmbAXF1f5HuB1c9j%2FGkBcNblym9PmQi0a9jHz7uQXgVyRPP29Hnl2A4mMmttivHnTvGNlASZI0LG6Kka%2BVlFjoNBI7llHiK5Tl6VH4Rxw72FSQoZrARzp"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f31887559400fd2-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rocket-loader.min.js
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
HTTP/1.1
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/hO8Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Thu, 24 Mar 2022 11:29:35 GMT
Server
cloudflare
ETag
W/"623c561f-302c"
X-Frame-Options
DENY
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSiXktdsLQuIIZZ3ZpCUhiMxtCC8I9EZLpTY6sRGgHeBMwXFYNiHejAq9syrZKi9v0wY6JTWmFoLzZitm9xXlLybOL39wjrU3BVB3RiCmswrHeGbYs9RIqOe4EpM1dknm78pRspy"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=172800, public
CF-RAY
6f318876f89e739f-MRS
Expires
Wed, 30 Mar 2022 15:52:27 GMT
Login.php
vrbnk0000t.temp.swtest.ru/ Frame 6052 		157 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/Login.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 / PHP/7.4.16
Resource Hash
7b44b377da55d29f0ce55d46bd39e0b6238d708780201010001d735adcce5191

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/

Response headers

Server
nginx/1.19.1
Date
Mon, 28 Mar 2022 15:52:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.16
Content-Encoding
gzip
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce356d9a8068194f2daf17cfd5789d6c59d053cdf14892f7b8369226ae4f7991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37601
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Mar 2022 15:52:28 GMT
requestform.js
ads.themoneytizer.com/s/
Redirect Chain
  • http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
  • https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
110 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
8f0b689526db289d583bf8f2b115f9bbb16846f7d08e17a5a81770634eea842e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
server
nginx
x-hw
1648482748.cds208.fr8.hn,1648482748.cds146.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
17607

Redirect headers

Date
Mon, 28 Mar 2022 15:52:28 GMT
Location
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
X-HW
1648482748.cds262.fr8.h2,1648482748.cds262.fr8.sc,1648482748.cds262.fr8.p
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
gen.js
ads.themoneytizer.com/s/
Redirect Chain
  • http://ads.themoneytizer.com/s/gen.js?type=6
  • https://ads.themoneytizer.com/s/gen.js?type=6
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
server
nginx
x-hw
1648482748.cds208.fr8.hn,1648482748.cds259.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2073

Redirect headers

Date
Mon, 28 Mar 2022 15:52:28 GMT
Location
https://ads.themoneytizer.com/s/gen.js?type=6
X-HW
1648482748.cds278.fr8.h2,1648482748.cds051.fr8.sc,1648482748.cds051.fr8.p
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
requestform.js
ads.themoneytizer.com/s/
Redirect Chain
  • http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
  • https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
117 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f94336003daab5b9ffc70f5f4d4588d360bc6081c4e708ed111ba0520fe0fc05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
server
nginx
x-hw
1648482748.cds208.fr8.hn,1648482748.cds260.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
18434

Redirect headers

Date
Mon, 28 Mar 2022 15:52:28 GMT
Location
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
X-HW
1648482748.cds221.fr8.h2,1648482748.cds167.fr8.sc,1648482748.cds167.fr8.p
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
gen.js
ads.themoneytizer.com/s/
Redirect Chain
  • http://ads.themoneytizer.com/s/gen.js?type=28
  • https://ads.themoneytizer.com/s/gen.js?type=28
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
server
nginx
x-hw
1648482748.cds208.fr8.hn,1648482748.cds005.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2073

Redirect headers

Date
Mon, 28 Mar 2022 15:52:28 GMT
Location
https://ads.themoneytizer.com/s/gen.js?type=28
X-HW
1648482748.cds161.fr8.h2,1648482748.cds123.fr8.sc,1648482748.cds123.fr8.p
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
requestform.js
ads.themoneytizer.com/s/
Redirect Chain
  • http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
  • https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
117 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f8e55db9679b4a3ddff3bc2396c596ffe5db574888dcf2f5c6c5536075abac28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
server
nginx
x-hw
1648482748.cds208.fr8.hn,1648482748.cds164.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
18424

Redirect headers

Date
Mon, 28 Mar 2022 15:52:28 GMT
Location
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
X-HW
1648482748.cds139.fr8.h2,1648482748.cds122.fr8.sc,1648482748.cds122.fr8.p
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
gen.js
ads.themoneytizer.com/s/
Redirect Chain
  • http://ads.themoneytizer.com/s/gen.js?type=1
  • https://ads.themoneytizer.com/s/gen.js?type=1
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
server
nginx
x-hw
1648482748.cds208.fr8.hn,1648482748.cds204.fr8.c
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2073

Redirect headers

Date
Mon, 28 Mar 2022 15:52:28 GMT
Location
https://ads.themoneytizer.com/s/gen.js?type=1
X-HW
1648482748.cds088.lo4.h2,1648482748.cds273.lo4.sc,1648482748.cds273.lo4.p
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
/
ad.adxcore.com/a/init/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.adxcore.com/a/init/?site=23152
Requested by
Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0256e12514b5738ca8bf76f9fb64da213f990a54ec0e604611a30021dcf7530

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Mar 2022 15:37:20 GMT
server
cloudflare
age
908
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, max-age=3600, max-age=2592000
accept-ranges
bytes
cf-ray
6f318877685b0204-ZRH
content-length
1794
expires
Wed, 27 Apr 2022 15:37:20 GMT
vr021___-webfont.woff2
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr021___-webfont.woff2
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff

Request headers

Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
Origin
http://vrbnk0000t.temp.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c6-6020-5db05b8f5f700"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
24608
vr051___-webfont.woff2
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr051___-webfont.woff2
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85

Request headers

Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
Origin
http://vrbnk0000t.temp.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:30 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c7-6004-5db05b8f5f700"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
24580
style.css
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		409 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/style.css
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
56d9b5ca65d66f2848a6101725462beff731f56f977434a8fb0a5a51a3db671d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:30 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c0-199-5db05b8f5f700"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
409
vr.css
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		648 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr.css
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
9c26f7da50967fc6a97bed5aa2e483e22666530c5474469c59834ebc371e4669

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
W/"4f661c5-a208d-5db05b8f5f700"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
logo-vr.svg
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/logo-vr.svg
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
W/"4f661ba-2cc5-5db05b8e6b4c0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
kampagne-zuversicht-bvr-1600x550.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		308 KB
308 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/kampagne-zuversicht-bvr-1600x550.jpg
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
230ea8e5e1b20b2395c97d8362ac744e86ce086160034e014727a87d1af62f87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:30 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
"4f661b7-4cf8c-5db05b8e6b4c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
315276
kampagne-zuversicht-bvr-stoerer.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/kampagne-zuversicht-bvr-stoerer.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
07602c282af342c14e9e273a2e2a076691dfb31d6f545655d93407d57a5197b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:30 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
"4f661b8-1495f-5db05b8e6b4c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
84319
apple-pay-mastercard-1600x550-2.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/apple-pay-mastercard-1600x550-2.jpg
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
de25df831c2204b16c2ece47f91e92806a2ac8f1cd8902e7a7a60d576d7b66eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:06 GMT
Server
nginx/1.19.1
ETag
"4f661a4-2e1fa-5db05b8d77280"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
188922
unwetterkatastrophe-bvr-1600x550.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/unwetterkatastrophe-bvr-1600x550.jpg
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
5735845630edf16424bffe3a1bfb8909d86da623c5fb56c3111e01bff1d8738e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:30 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c2-2599-5db05b8f5f700"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
9625
unwetterkatastrophe-bvr-stoerer.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/unwetterkatastrophe-bvr-stoerer.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
336563a08e742fa552e455b6a981b8a5a4893f55ccbe156a8cd32400a1e85590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c3-73e7-5db05b8f5f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
29671
schwaebisch-hall.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/schwaebisch-hall.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
63c6df19c6ecf63f60d07b9851a8fb9fea860bbe15faa1adc7e39020639293ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661bf-3f1-5db05b8f5f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1009
union-investment.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/union-investment.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
dc4af140924081d5079f67a7d106c06cddedb3c9b725df91d184c7c2462c424c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c1-2e48-5db05b8f5f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
11848
r-v.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/r-v.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
21da0d5e35a3dbe9f020686f4e0389c01fe3a8d7d2f892ea100f7969b58a0e6f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661be-1a7f-5db05b8f5f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
6783
easy-credit.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/easy-credit.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
9e8c63b62a891105bd80727fb009b5f57174cd5d93e352b72918a63d02bc0c4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:06 GMT
Server
nginx/1.19.1
ETag
"4f661a9-720-5db05b8d77280"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1824
dz-bank.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		969 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/dz-bank.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
359cd9f710ebfa3c48a36b951207cf31e31ec57ac51a5a30b5cfc050a86136cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:06 GMT
Server
nginx/1.19.1
ETag
"4f661a7-3c9-5db05b8d77280"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
969
dz-privatbank.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/dz-privatbank.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
9d624a34abafa8aecfc4a275a095251b8614c3381cd869e23b75304a72634162

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:06 GMT
Server
nginx/1.19.1
ETag
"4f661a8-839-5db05b8d77280"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
2105
vr-smart-finanz.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr-smart-finanz.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
3b0b1a81e628f8f1e65cf42231b3206acb63c91d3e1023565684d5b67daf3795

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c4-6d3-5db05b8f5f700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1747
footer-brands-dz-hyp.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/footer-brands-dz-hyp.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
ee2c214d2fab6deccda9e13828ef031e3a07d011bf9496a618e37fbaea2404d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
"4f661b1-37b-5db05b8e6b4c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
891
muenchener-hyp.png
vrbnk0000t.temp.swtest.ru/style/ Frame 6052 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/muenchener-hyp.png
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash
12f8ff0cdb3c7d09b2fd5a0bbad514318283c15fcbbb224bb7fd6d5225b95c50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
"4f661bb-677-5db05b8e6b4c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
1655
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 14:18:10 GMT
server
AmazonS3
age
30
etag
W/"a7fa5501113779849b63118ade529910"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
YCk4xrm1CS5L2Z4vaY9WGpS7-vDSTpHFs_x341mzrEQwf46i9bdbEA==
advstlib.min.js
ad.adxcore.com/static/js/components/advstlib/ 		659 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?0e86e1cca0
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/a/init/?site=23152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc05a1ca60c258a64f01ff17f226616fc12cceca10ef68510ef3d06defea82b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 10:47:16 GMT
server
cloudflare
age
1334
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, private
cf-ray
6f31888fae410204-ZRH
expires
Wed, 27 Apr 2022 15:30:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/a/init/?site=23152
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
61eae68e07c7fc3a6bcdb7237cac5e6d03f519ad8397613e47a4e5f473901a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 28 Mar 2022 15:52:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14945662125137158960
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
53858
X-XSS-Protection
0
Expires
Mon, 28 Mar 2022 15:52:31 GMT
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
nginx
etag
"604b9fc7-981e"
x-hw
1648482751.cds208.fr8.hn,1648482751.cds120.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
16267
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 15:52:32 GMT
Server
nginx
X-IPLB-Request-ID
C11B0E25:AB2E_36264064:01BB_6241D9BF_1F2B2AD3:BCE5
X-IPLB-Instance
24857
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
447ca3a97e3cf55835cb3034b55810b1c6f63955776190d00281f53069b7090c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
30788
Expires
Mon, 28 Mar 2022 16:07:32 GMT
sync
gum.criteo.com/ 		49 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1647
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
CookieSync.html
csync-eu.smartadserver.com/1097/
Redirect Chain
  • https://csync-global.smartadserver.com/1097/CookieSync.html
  • https://csync-eu.smartadserver.com/1097/CookieSync.html
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/1097/CookieSync.html
Protocol
HTTP/1.1
Server
2a02:26f0:f7::5c7b:e12b -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Redirect headers

Location
https://csync-eu.smartadserver.com/1097/CookieSync.html
Date
Mon, 28 Mar 2022 15:52:32 GMT
Cache-Control
private, max-age=86400
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Expires
Tue, 29 Mar 2022 15:52:32 GMT
mapper.js
spl.zeotap.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:32 GMT
via
1.1 google
cf-cache-status
HIT
age
1131
cf-polished
origSize=62056
content-encoding
br
last-modified
Mon, 28 Mar 2022 15:33:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.lagrosseradio.com
access-control-allow-credentials
true
cf-ray
6f31888fed3a020d-ZRH
access-control-allow-headers
*
cf-bgj
minify
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:42 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:53 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
C11B0E25:CCB2_91EFC0A6:01BB_6241D9BF_A9074EB5:4508
ETag
"6167dbf9-15ab"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame 32AE 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1648482751945
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ee05:6a01:4b41:8c89 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 04 Apr 2022 15:52:31 GMT
px.js
p.cpx.to/p/12773/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.1.116 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e892054021c8520ab564d5edbee33ec24ba52e51c065299f5500a6270bbee406

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1975
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.64.84.97 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 03:36:40 GMT
Via
1.1 334890575cfef347bd1a869a0eafe90a.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
44153
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
TXL50-P2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
op94J9yOA7ffEj2bAM1_A0Txc6SqaXXtabT5DG6KdeRjimHS0PkxQw==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Mar 2022 15:26:09 GMT
Server
Apache
ETag
"7637ef-930b-5db48ee829d8a"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2188
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Mon, 28 Mar 2022 16:29:00 GMT
prebid.js
ads.themoneytizer.com/moneybid6_13/build/dist/ 		657 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
966ebda03f5ece17fb50895816842ceb3bcff62573e45a214a40d1d64f22005b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
last-modified
Thu, 03 Mar 2022 08:51:50 GMT
server
nginx
etag
"622081a6-a4431"
x-hw
1648482751.cds208.fr8.hn,1648482751.cds148.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
200349
/
c.tmyzer.com/c/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 15:52:31 GMT
Server
nginx
X-IPLB-Request-ID
C11B0E25:AB32_36264064:01BB_6241D9BF_1F20E35D:2820C
X-IPLB-Instance
38436
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 28 Mar 2022 15:52:32 GMT
Server
nginx
X-IPLB-Request-ID
C11B0E25:AB30_36264064:01BB_6241D9BF_1F225736:1A72
X-IPLB-Instance
38437
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/ 		339 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
2330fb9a498ec10491202314b4a6a0d3ec42afbb763f13f733c4d6b20dc73771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:31 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 15:04:32 GMT
server
nginx
etag
"62164d00-153"
x-hw
1648482751.cds208.fr8.hn,1648482751.cds010.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
220
Login.php
vrbnk0000t.temp.swtest.ru/ Frame 0265 		157 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/Login.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 / PHP/7.4.16
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/

Response headers

Server
nginx/1.19.1
Date
Mon, 28 Mar 2022 15:52:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.16
Content-Encoding
gzip
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6466
date
Mon, 28 Mar 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 28 Mar 2022 16:04:46 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:51:47 GMT
content-encoding
br
age
54
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 23 Mar 2022 21:09:06 GMT
server
AmazonS3
etag
W/"654a79dfaa26ade386414ddc75ea4b75"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6rIPHfjU66zUD7rVQkHsPlFfIRdvNlYRx3BMEMD1ZUrNu04tQRs6ow==
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?0e86e1cca0
Protocol
HTTP/1.1
Server
143.204.95.188 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id
cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
Content-Encoding
gzip
ETag
4e3fad24a118a07cea7ce88b2721a583
Age
760
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Server
Server
x-amz-rid
16743QS498M0EJWSR5DQ
Date
Mon, 28 Mar 2022 15:43:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Cache-Control
public, max-age=900
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
nnBXaOvEW8Sxumwyv1P_6JMCC5HlggI_t8-oRdkgY1akBRVnn0p4oQ==
/
l.adxcore.com/log/site/ 		35 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=pap&device=DESK&cb=0.32115847633967776&ref=http%3A%2F%2Furlz.fr%2FhO8Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.173 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:32 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000, private
content-length
51
expires
Wed, 27 Apr 2022 15:52:32 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Server
2600:9000:2156:ee00:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:07:10 GMT
content-encoding
gzip
age
2723
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
jSVwR0FqUbsR7Z_3XxmxLPvSDSYh1Pn7UgRdNkSfAxLEaMT32jk-bw==

Redirect headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
iq4tB2uB9ptPMuZord10xof7dupjrLZ-qWsP9LERKyNoyCTNeBxlfQ==
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5000:3:a4cd:8380:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
http://urlz.fr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 03:00:35 GMT
content-encoding
br
age
46318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sun, 20 Mar 2022 19:52:29 GMT
server
AmazonS3
etag
W/"a8fdbbd9cc408612fc9a7b746c61ee81"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
QK7WVEOewhpMfUX4aEzGqZSYdof4ZI43
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
SIyS5nqgyMXZpANWEhhC48Sj5Uwvul6mW36qDT9EBUEm7ifA7GRI9Q==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/ 		296 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7358337023487108&plah=urlz.fr&bust=31065832
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109244
x-xss-protection
0
server
cafe
etag
8660559427584878093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Mar 2022 15:52:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame 78D5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 28 Mar 2022 14:24:06 GMT
expires
Mon, 11 Apr 2022 14:24:06 GMT
cache-control
public, max-age=1209600
age
5306
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
spl.zeotap.com/
Redirect Chain
  • http://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
  • https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
0
0
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1986487312&t=pageview&_s=1&dl=http%3A%2F%2Furlz.fr%2FhO8Q&ul=en-us&de=UTF-8&dt=Portal%20f%C3%BCr%20Privatkunden%20-%20Volksbank%20Raiffeisenbank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=640109016&gjid=1834472057&cid=1115983649.1648482752&tid=UA-162669458-1&_gid=1015101458.1648482752&_r=1&gtm=2ou3e0&z=1341963306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://urlz.fr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 15:52:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
vr021___-webfont.woff2
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr021___-webfont.woff2
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash

Request headers

Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
Origin
http://vrbnk0000t.temp.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c6-6020-5db05b8f5f700"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
24608
vr051___-webfont.woff2
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr051___-webfont.woff2
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash

Request headers

Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
Origin
http://vrbnk0000t.temp.swtest.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c7-6004-5db05b8f5f700"
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
24580
style.css
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		409 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/style.css
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
"4f661c0-199-5db05b8f5f700"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
409
vr.css
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		648 KB
96 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vrbnk0000t.temp.swtest.ru/style/vr.css
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Mar 2022 07:15:08 GMT
Server
nginx/1.19.1
ETag
W/"4f661c5-a208d-5db05b8f5f700"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
logo-vr.svg
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/logo-vr.svg
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
W/"4f661ba-2cc5-5db05b8e6b4c0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=10
kampagne-zuversicht-bvr-1600x550.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		277 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vrbnk0000t.temp.swtest.ru/style/kampagne-zuversicht-bvr-1600x550.jpg
Requested by
Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol
HTTP/1.1
Server
77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh289.sweb.ru
Software
nginx/1.19.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:32 GMT
Last-Modified
Fri, 25 Mar 2022 07:15:07 GMT
Server
nginx/1.19.1
ETag
"4f661b7-4cf8c-5db05b8e6b4c0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
Content-Length
315276
kampagne-zuversicht-bvr-stoerer.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
apple-pay-mastercard-1600x550-2.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
unwetterkatastrophe-bvr-1600x550.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
unwetterkatastrophe-bvr-stoerer.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
schwaebisch-hall.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
union-investment.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
r-v.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
easy-credit.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
dz-bank.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
dz-privatbank.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
vr-smart-finanz.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
footer-brands-dz-hyp.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
muenchener-hyp.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:803::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Fri, 25 Mar 2022 08:04:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
287260
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30186
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 25 Mar 2023 08:04:52 GMT
identity
api.rlcdn.com/api/ 		0
0
rid
match.adsrvr.org/track/ 		0
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
143.204.95.188 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
Content-Encoding
gzip
ETag
W/"a4d296427fc806b21335359e398c025c"
Age
62540
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 17 Mar 2022 02:21:48 GMT
Server
AmazonS3
Date
Sun, 27 Mar 2022 22:30:13 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
0dFXBGmWyPCD6gsQkQoFdpVaJLUI-6VfkQn4b4wQgXkPksLinTRWEw==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/39/ 		227 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 03:19:42 GMT
content-encoding
gzip
age
45171
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 03 Feb 2022 15:12:35 GMT
server
AmazonS3
etag
W/"58b24098a17406b31f4f22592394578b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
MqUG43JraTW2NWpnOs3gzs7xUSGbNo4OPkof94TKGQCOQpNES0pK5A==
fire.js
s.cpx.to/ 		0
0
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ 		286 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 03:00:40 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
46313
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 28 Mar 2022 03:00:32 GMT
server
AmazonS3
etag
W/"1ba02ed5a651f5aeb75ac787f18f8427"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
xfks2bqJ9DnVpCJ8o-joyNmlUaDC9LY4eR_jhvpB4f5sdgBj4rDwHg==
9.gif
id5-sync.com/i/12/ 		43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Mon, 28 Mar 2022 15:52:31 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		153 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
http://urlz.fr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 03:00:30 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
46323
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 28 Mar 2022 03:00:27 GMT
server
AmazonS3
etag
W/"bef88376f3f2fc086f4fdb8edf2f6e18"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LivQrsg2YfE43T3WwC42SrvCzY0kd0JJnA2bwzXth58CqTjv0jK9Gg==
notifyme.php
adtrack.adleadevent.com/ 		0
0
/
ad.missena.io/ 		0
0
latest.json
currency.prebid.org/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://currency.prebid.org/latest.json
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?0e86e1cca0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:8c00:19:2cf2:a900:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 28 Mar 2022 15:02:34 GMT
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
vary
Origin
age
2999
x-cache
Hit from cloudfront
content-length
1647
last-modified
Mon, 28 Mar 2022 15:00:54 GMT
server
AmazonS3
etag
"51c124d477578290340a343468e9c9c2"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
-eiOgxE4L7Y6mwIKITM0Ts9r4xC-mF8TjeEA9c1fe4ONpzJhK2gRnQ==
expires
Tue, 29 Mar 2022 15:00:51 GMT
/
l.adxcore.com/log/site/ 		35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=start&testId=3&country=AA&device=DESK&cb=0.5562099979361004&ref=http%3A%2F%2Furlz.fr%2FhO8Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.173 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:32 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000
content-length
51
expires
Wed, 27 Apr 2022 15:52:32 GMT
/
l.adxcore.com/log/zone/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adxcore.com/log/zone/?zoneid=238072&siteid=23152&extzone=&impid=8b5b0e7a285ee63b2a21029cd5a630ccc7740743&ts=1648482752.261&ref=http%3A%2F%2Furlz.fr%2FhO8Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.173 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:52:32 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
no-cache, max-age=2592000
content-length
57
expires
Wed, 27 Apr 2022 15:52:32 GMT
truncated
/ Frame 0265 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
arrows.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
icons.png
vrbnk0000t.temp.swtest.ru/img/ Frame 0265 		0
0
truncated
/ Frame 0265 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ Frame 0265 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
truncated
/ Frame 0265 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://vrbnk0000t.temp.swtest.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
link-icons.png
vrbnk0000t.temp.swtest.ru/style/ Frame 0265 		0
0
headerstats
as-sec.casalemedia.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
spl.zeotap.com
URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/kampagne-zuversicht-bvr-stoerer.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/apple-pay-mastercard-1600x550-2.jpg
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/unwetterkatastrophe-bvr-1600x550.jpg
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/unwetterkatastrophe-bvr-stoerer.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/schwaebisch-hall.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/union-investment.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/r-v.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/easy-credit.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/dz-bank.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/dz-privatbank.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/vr-smart-finanz.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/footer-brands-dz-hyp.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/muenchener-hyp.png
Domain
api.rlcdn.com
URL
http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Domain
match.adsrvr.org
URL
http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Domain
s.cpx.to
URL
https://s.cpx.to/fire.js?pid=12773&ref=&url=http%3A%2F%2Furlz.fr%2FhO8Q&hn_ver=40&fid=0719750b-7b78-4f59-be8a-2736f99f3a5a
Domain
adtrack.adleadevent.com
URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Domain
ad.missena.io
URL
https://ad.missena.io/?t=PA-44335945
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/arrows.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/img/icons.png
Domain
vrbnk0000t.temp.swtest.ru
URL
http://vrbnk0000t.temp.swtest.ru/style/link-icons.png
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=http%3A%2F%2Furlz.fr%2FhO8Q&v=3

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| structuredClone object| oncontextlost object| oncontextrestored object| __cfQR function| __tcfapi function| __uspapi object| adxcore function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| ix_lib object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26322 function| refreshVisibility30012 function| Adcall_30012 function| refreshVisibility26328 object| sc function| Adcall_26328 string| page boolean| timepast function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager function| MobileDetect object| md object| google_tag_data string| GoogleAnalyticsObject function| ga function| tmzrChunk object| _pbjsGlobals object| ADAGIO object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 object| pubstack_publica number| bidder_geo object| _clrm

0 Cookies

7 Console Messages

Source Level URL
Text
javascript error URL: http://urlz.fr/hO8Q
Message:
Access to XMLHttpRequest at 'https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258' (redirected from 'http://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258') from origin 'http://urlz.fr' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://urlz.fr' that is not equal to the supplied origin.
network error URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://urlz.fr/hO8Q
Message:
Access to XMLHttpRequest at 'http://api.rlcdn.com/api/identity?pid=2&rt=envelope' from origin 'http://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://urlz.fr/hO8Q
Message:
Access to XMLHttpRequest at 'http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329' from origin 'http://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Message:
Failed to load resource: net::ERR_FAILED
network error URL: http://vrbnk0000t.temp.swtest.ru/img/icons.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adxcore.com
ad.missena.io
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
c.amazon-adsystem.com
c.tmyzer.com
ced.sascdn.com
csync-eu.smartadserver.com
csync-global.smartadserver.com
currency.prebid.org
d2zur9cc2gf1tx.cloudfront.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
js-sec.indexww.com
l.adxcore.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.cpx.to
secure.quantserve.com
spl.zeotap.com
tag.leadplace.fr
test.quantcast.mgr.consensu.org
urlz.fr
vrbnk0000t.temp.swtest.ru
www.google-analytics.com
www.googletagmanager.com
ad.missena.io
adtrack.adleadevent.com
api.rlcdn.com
as-sec.casalemedia.com
match.adsrvr.org
s.cpx.to
spl.zeotap.com
vrbnk0000t.temp.swtest.ru
143.204.95.188
145.239.192.166
151.139.128.11
18.64.84.97
2.16.186.26
2.18.234.21
2600:9000:2156:5000:3:a4cd:8380:93a1
2600:9000:2156:5e00:9:46dc:4700:93a1
2600:9000:2156:8c00:19:2cf2:a900:93a1
2600:9000:2156:ee00:6:44e3:f8c0:93a1
2606:4700:10::ac43:2a23
2606:4700:10::ac43:db6
2606:4700:3038::6815:ead7
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a02:2638:1::13
2a02:26f0:6c00::210:ba18
2a02:26f0:f7::5c7b:e12b
5.39.39.173
51.38.120.206
51.89.21.8
52.215.1.116
54.38.64.100
77.222.61.25
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
07602c282af342c14e9e273a2e2a076691dfb31d6f545655d93407d57a5197b1
12f8ff0cdb3c7d09b2fd5a0bbad514318283c15fcbbb224bb7fd6d5225b95c50
21da0d5e35a3dbe9f020686f4e0389c01fe3a8d7d2f892ea100f7969b58a0e6f
230ea8e5e1b20b2395c97d8362ac744e86ce086160034e014727a87d1af62f87
2330fb9a498ec10491202314b4a6a0d3ec42afbb763f13f733c4d6b20dc73771
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
336563a08e742fa552e455b6a981b8a5a4893f55ccbe156a8cd32400a1e85590
359cd9f710ebfa3c48a36b951207cf31e31ec57ac51a5a30b5cfc050a86136cb
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3b0b1a81e628f8f1e65cf42231b3206acb63c91d3e1023565684d5b67daf3795
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
447ca3a97e3cf55835cb3034b55810b1c6f63955776190d00281f53069b7090c
56d9b5ca65d66f2848a6101725462beff731f56f977434a8fb0a5a51a3db671d
5735845630edf16424bffe3a1bfb8909d86da623c5fb56c3111e01bff1d8738e
61eae68e07c7fc3a6bcdb7237cac5e6d03f519ad8397613e47a4e5f473901a82
63c6df19c6ecf63f60d07b9851a8fb9fea860bbe15faa1adc7e39020639293ce
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6a38eb279deb26c3dbebe12f03b3c836c9b3a16f030388e3d143ae5478de2890
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b44b377da55d29f0ce55d46bd39e0b6238d708780201010001d735adcce5191
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8f0b689526db289d583bf8f2b115f9bbb16846f7d08e17a5a81770634eea842e
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc
966ebda03f5ece17fb50895816842ceb3bcff62573e45a214a40d1d64f22005b
9c26f7da50967fc6a97bed5aa2e483e22666530c5474469c59834ebc371e4669
9d624a34abafa8aecfc4a275a095251b8614c3381cd869e23b75304a72634162
9e8c63b62a891105bd80727fb009b5f57174cd5d93e352b72918a63d02bc0c4a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f
af04aec736c43b3a1e44614897ae314d3f624fcdc15f6d9749600963b20e4eff
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bc05a1ca60c258a64f01ff17f226616fc12cceca10ef68510ef3d06defea82b2
c825e9b517a70daf14196922b7c35578f62e5facea44a808acf4dadda1456b85
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce356d9a8068194f2daf17cfd5789d6c59d053cdf14892f7b8369226ae4f7991
dc4af140924081d5079f67a7d106c06cddedb3c9b725df91d184c7c2462c424c
de25df831c2204b16c2ece47f91e92806a2ac8f1cd8902e7a7a60d576d7b66eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e892054021c8520ab564d5edbee33ec24ba52e51c065299f5500a6270bbee406
ee2c214d2fab6deccda9e13828ef031e3a07d011bf9496a618e37fbaea2404d7
f0256e12514b5738ca8bf76f9fb64da213f990a54ec0e604611a30021dcf7530
f8e55db9679b4a3ddff3bc2396c596ffe5db574888dcf2f5c6c5536075abac28
f94336003daab5b9ffc70f5f4d4588d360bc6081c4e708ed111ba0520fe0fc05