urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://urlz.fr/hO8Q
Submission: On March 29 via manual (March 29th 2022, 11:22:05 am UTC) from DE — Scanned from FR

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3038::6815:ead6, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr. The Cisco Umbrella rank of the primary domain is 381218.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3038::6815:ead6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	77.222.61.25 77.222.61.25	44112 (SWEB-AS) (SWEB-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
6 12	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:10:... 2606:4700:10::6816:30e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	6

2 2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 77.222.61.25 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh289.sweb.ru

vrbnk0000t.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.139.128.11 (United States) 6 redirects

ASN20446 (STACKPATH-CDN, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:30e3 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.adxcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	swtest.ru vrbnk0000t.temp.swtest.ru	293 KB
12	themoneytizer.com 6 redirects ads.themoneytizer.com — Cisco Umbrella Rank: 25926	62 KB
2	urlz.fr urlz.fr — Cisco Umbrella Rank: 381218	8 KB
1	adxcore.com ad.adxcore.com — Cisco Umbrella Rank: 266032	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 132	37 KB
30	5

	Domain	Requested by
16	vrbnk0000t.temp.swtest.ru	urlz.fr vrbnk0000t.temp.swtest.ru
12	ads.themoneytizer.com	6 redirects urlz.fr
2	urlz.fr	urlz.fr
1	ad.adxcore.com	urlz.fr
1	www.googletagmanager.com	urlz.fr
30	5

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://urlz.fr/hO8Q
Frame ID: 437328278A25FEB7D13EEE86D07AADA4
Requests: 10 HTTP requests in this frame

Frame: http://vrbnk0000t.temp.swtest.ru/Login.php
Frame ID: 86AD8113A4CCF4343ECBE16BC3AD68D9
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal für Privatkunden - Volksbank Raiffeisenbank

Detected technologies

Advert Stream (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:ad\.advertstream\.com|adxcore\.com)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

30
Requests

7 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

400 kB
Transfer

1441 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6 HTTP 302
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6

Request Chain 4

http://ads.themoneytizer.com/s/gen.js?type=6 HTTP 302
https://ads.themoneytizer.com/s/gen.js?type=6

Request Chain 5

http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28 HTTP 302
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28

Request Chain 6

http://ads.themoneytizer.com/s/gen.js?type=28 HTTP 302
https://ads.themoneytizer.com/s/gen.js?type=28

Request Chain 7

http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 HTTP 302
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1

Request Chain 8

http://ads.themoneytizer.com/s/gen.js?type=1 HTTP 302
https://ads.themoneytizer.com/s/gen.js?type=1

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request hO8Q Show response
urlz.fr/ 9 KB
3 KB 90ms
56ms Document
text/html 2606:4700:3038::6815:ead6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/hO8Q
Protocol: HTTP/1.1
Server: 2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d536c83caeb8fecf09c5e4ba72092956cf3f43416b9144826265e1f9b9a95fe0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Date: Tue, 29 Mar 2022 11:22:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 29 Mar 2022 11:23:00 GMT
Cache-Control: max-age=60
X-FastCGI-Cache: MISS
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HbTWvFG2zlaAHUEy5lVL106Icks8klojnbGLsCnph52zyJ5f1HgMBxhdsDTMEMCH%2FoN%2FezWq9P3XWtyniskK0R4BCWQ3GiGpUtWQ0qrlEclMed7vrGsnQMaJG11Urr9zM3LL1NR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6f3839abefbd7741-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK rocket-loader.min.js Show response
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
5 KB 30ms
30ms Script
application/javascript 2606:4700:3038::6815:ead6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/hO8Q

Protocol

HTTP/1.1

Server

2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/hO8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 24 Mar 2022 11:29:35 GMT
Server: cloudflare
ETag: W/"623c561f-302c"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiSLV7G7pJpsSa57CCZ41T934v0l6%2FjdDuls0iarzLJGAFWJ4J6x9k40T9bIglDuqlZhjJDKlwWDU4EM3JGx2mB1MSc5LO9OGjMLfjsgBrwfd3Q1O%2FyNW%2B0SQr4S6Z7OgNK0WPis"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800, public
CF-RAY: 6f3839ac58ad7741-LHR
Expires: Thu, 31 Mar 2022 11:22:01 GMT

GET
H/1.1 200
OK Login.php Show response
vrbnk0000t.temp.swtest.ru/ Frame 86AD 157 KB
40 KB 2424ms
2249ms Document
text/html 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 / PHP/7.4.16
Resource Hash: 7b44b377da55d29f0ce55d46bd39e0b6238d708780201010001d735adcce5191

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/

Response headers

Server: nginx/1.19.1
Date: Tue, 29 Mar 2022 11:22:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.16
Content-Encoding: gzip

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
37 KB 127ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Requested by

Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2509ee988f99f9602749a74d5be09de52f0d0da0d91792c9225d7c5f885994cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37772
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 29 Mar 2022 11:22:01 GMT

GET
H2

200

requestform.js Show response
ads.themoneytizer.com/s/
Redirect Chain

http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6

110 KB
17 KB

101ms
38ms

Script
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ea5f3822559658e5d38c8ca89ad2cb67246c10d9ce97a37ce0f86cd541da8e02

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
server: nginx
x-hw: 1648552921.cds218.pa1.hn,1648552921.cds229.pa1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 17607

Redirect headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Location: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
X-HW: 1648552921.cds018.pa1.h2,1648552921.cds205.pa1.sc,1648552921.cds205.pa1.p
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2

200

gen.js Show response
ads.themoneytizer.com/s/
Redirect Chain

http://ads.themoneytizer.com/s/gen.js?type=6
https://ads.themoneytizer.com/s/gen.js?type=6

4 KB
2 KB

136ms
78ms

Script
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
server: nginx
x-hw: 1648552921.cds218.pa1.hn,1648552921.cds214.pa1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2073

Redirect headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Location: https://ads.themoneytizer.com/s/gen.js?type=6
X-HW: 1648552921.cds231.pa1.h2,1648552921.cds046.pa1.sc,1648552921.cds046.pa1.p
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2

200

requestform.js Show response
ads.themoneytizer.com/s/
Redirect Chain

http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28

117 KB
18 KB

127ms
65ms

Script
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f0e0f6db9042e443dbdab0dcada5450fd3b3230e3eed4ba9060133bf097f827f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
server: nginx
x-hw: 1648552921.cds218.pa1.hn,1648552921.cds047.pa1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18435

Redirect headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Location: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
X-HW: 1648552921.cds220.pa1.h2,1648552921.cds229.pa1.sc,1648552921.cds229.pa1.p
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2

200

gen.js Show response
ads.themoneytizer.com/s/
Redirect Chain

http://ads.themoneytizer.com/s/gen.js?type=28
https://ads.themoneytizer.com/s/gen.js?type=28

4 KB
2 KB

141ms
79ms

Script
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
server: nginx
x-hw: 1648552921.cds218.pa1.hn,1648552921.cds223.pa1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2073

Redirect headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Location: https://ads.themoneytizer.com/s/gen.js?type=28
X-HW: 1648552921.cds039.pa1.h2,1648552921.cds213.pa1.sc,1648552921.cds213.pa1.p
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2

200

requestform.js Show response
ads.themoneytizer.com/s/
Redirect Chain

http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1

117 KB
18 KB

135ms
80ms

Script
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 50db2e9001bec00e6d3694302f49ad3ac15ddf8430f6d1f09f2e95d4fd293659

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
server: nginx
x-hw: 1648552921.cds218.pa1.hn,1648552921.cds227.pa1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18424

Redirect headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Location: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
X-HW: 1648552921.cds013.pa1.h2,1648552921.cds232.pa1.sc,1648552921.cds232.pa1.p
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2

200

gen.js Show response
ads.themoneytizer.com/s/
Redirect Chain

http://ads.themoneytizer.com/s/gen.js?type=1
https://ads.themoneytizer.com/s/gen.js?type=1

4 KB
2 KB

127ms
65ms

Script
text/html

151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: urlz.fr
URL: http://urlz.fr/hO8Q
Protocol: H2
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
server: nginx
x-hw: 1648552921.cds218.pa1.hn,1648552921.cds212.pa1.c
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2073

Redirect headers

Date: Tue, 29 Mar 2022 11:22:01 GMT
Location: https://ads.themoneytizer.com/s/gen.js?type=1
X-HW: 1648552921.cds027.pa1.h2,1648552921.cds220.pa1.sc,1648552921.cds220.pa1.p
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0

GET
H2 200 / Show response
ad.adxcore.com/a/init/ 4 KB
2 KB 134ms
41ms Script
application/x-javascript 2606:4700:10::6816:30e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adxcore.com/a/init/?site=23152
Requested by: Host: urlz.fr
URL: http://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:30e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd7b25907ab8820da95d54b5b42106a16bbde71bb833107b2831c0bf642522d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 11:22:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 11:00:22 GMT
server: cloudflare
age: 1299
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, max-age=3600, max-age=2592000
accept-ranges: bytes
cf-ray: 6f3839ad2f574075-CDG
content-length: 1791
expires: Thu, 28 Apr 2022 11:00:22 GMT

GET vr021___-webfont.woff2
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 0
0

GET vr051___-webfont.woff2
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 0
0

GET
H/1.1 200
OK style.css
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 409 B
683 B 137ms
75ms Stylesheet
text/css 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vrbnk0000t.temp.swtest.ru/style/style.css
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 56d9b5ca65d66f2848a6101725462beff731f56f977434a8fb0a5a51a3db671d

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:03 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661c0-199-5db05b8f5f700"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 409

GET
H/1.1 200
OK vr.css
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 648 KB
96 KB 1028ms
966ms Stylesheet
text/css 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://vrbnk0000t.temp.swtest.ru/style/vr.css
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 9c26f7da50967fc6a97bed5aa2e483e22666530c5474469c59834ebc371e4669

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: W/"4f661c5-a208d-5db05b8f5f700"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET
H/1.1 200
OK logo-vr.svg
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 11 KB
4 KB 70ms
70ms Image
image/svg+xml 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/logo-vr.svg
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Mar 2022 07:15:07 GMT
Server: nginx/1.19.1
ETag: W/"4f661ba-2cc5-5db05b8e6b4c0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10

GET kampagne-zuversicht-bvr-1600x550.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 0
0

GET
H/1.1 200
OK kampagne-zuversicht-bvr-stoerer.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 82 KB
83 KB 140ms
73ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/kampagne-zuversicht-bvr-stoerer.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 07602c282af342c14e9e273a2e2a076691dfb31d6f545655d93407d57a5197b1

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:03 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:07 GMT
Server: nginx/1.19.1
ETag: "4f661b8-1495f-5db05b8e6b4c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 84319

GET apple-pay-mastercard-1600x550-2.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 0
0

GET
H/1.1 200
OK unwetterkatastrophe-bvr-1600x550.jpg
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 9 KB
10 KB 80ms
79ms Image
image/jpeg 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/unwetterkatastrophe-bvr-1600x550.jpg
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 5735845630edf16424bffe3a1bfb8909d86da623c5fb56c3111e01bff1d8738e

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:03 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661c2-2599-5db05b8f5f700"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 9625

GET
H/1.1 200
OK unwetterkatastrophe-bvr-stoerer.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 29 KB
29 KB 79ms
79ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/unwetterkatastrophe-bvr-stoerer.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 336563a08e742fa552e455b6a981b8a5a4893f55ccbe156a8cd32400a1e85590

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661c3-73e7-5db05b8f5f700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 29671

GET
H/1.1 200
OK schwaebisch-hall.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 1009 B
1 KB 82ms
82ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/schwaebisch-hall.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 63c6df19c6ecf63f60d07b9851a8fb9fea860bbe15faa1adc7e39020639293ce

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661bf-3f1-5db05b8f5f700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1009

GET
H/1.1 200
OK union-investment.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 12 KB
12 KB 73ms
73ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/union-investment.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: dc4af140924081d5079f67a7d106c06cddedb3c9b725df91d184c7c2462c424c

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661c1-2e48-5db05b8f5f700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 11848

GET
H/1.1 200
OK r-v.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 7 KB
7 KB 79ms
79ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/r-v.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 21da0d5e35a3dbe9f020686f4e0389c01fe3a8d7d2f892ea100f7969b58a0e6f

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661be-1a7f-5db05b8f5f700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 6783

GET
H/1.1 200
OK easy-credit.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 2 KB
2 KB 77ms
77ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/easy-credit.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 9e8c63b62a891105bd80727fb009b5f57174cd5d93e352b72918a63d02bc0c4a

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:06 GMT
Server: nginx/1.19.1
ETag: "4f661a9-720-5db05b8d77280"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1824

GET
H/1.1 200
OK dz-bank.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 969 B
1 KB 100ms
99ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/dz-bank.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 359cd9f710ebfa3c48a36b951207cf31e31ec57ac51a5a30b5cfc050a86136cb

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:06 GMT
Server: nginx/1.19.1
ETag: "4f661a7-3c9-5db05b8d77280"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 969

GET
H/1.1 200
OK dz-privatbank.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 2 KB
2 KB 85ms
85ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/dz-privatbank.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 9d624a34abafa8aecfc4a275a095251b8614c3381cd869e23b75304a72634162

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:06 GMT
Server: nginx/1.19.1
ETag: "4f661a8-839-5db05b8d77280"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 2105

GET
H/1.1 200
OK vr-smart-finanz.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 2 KB
2 KB 85ms
85ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/vr-smart-finanz.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 3b0b1a81e628f8f1e65cf42231b3206acb63c91d3e1023565684d5b67daf3795

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:08 GMT
Server: nginx/1.19.1
ETag: "4f661c4-6d3-5db05b8f5f700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1747

GET
H/1.1 200
OK footer-brands-dz-hyp.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 891 B
1 KB 87ms
87ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/footer-brands-dz-hyp.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: ee2c214d2fab6deccda9e13828ef031e3a07d011bf9496a618e37fbaea2404d7

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:07 GMT
Server: nginx/1.19.1
ETag: "4f661b1-37b-5db05b8e6b4c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 891

GET
H/1.1 200
OK muenchener-hyp.png
vrbnk0000t.temp.swtest.ru/style/ Frame 86AD 2 KB
2 KB 91ms
91ms Image
image/png 77.222.61.25
SWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vrbnk0000t.temp.swtest.ru/style/muenchener-hyp.png
Requested by: Host: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/Login.php
Protocol: HTTP/1.1
Server: 77.222.61.25 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh289.sweb.ru
Software: nginx/1.19.1 /
Resource Hash: 12f8ff0cdb3c7d09b2fd5a0bbad514318283c15fcbbb224bb7fd6d5225b95c50

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: http://vrbnk0000t.temp.swtest.ru/Login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 11:22:04 GMT
Last-Modified: Fri, 25 Mar 2022 07:15:07 GMT
Server: nginx/1.19.1
ETag: "4f661bb-677-5db05b8e6b4c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 1655

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/style/vr021___-webfont.woff2

Domain: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/style/vr051___-webfont.woff2

Domain: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/style/kampagne-zuversicht-bvr-1600x550.jpg

Domain: vrbnk0000t.temp.swtest.ru
URL: http://vrbnk0000t.temp.swtest.ru/style/apple-pay-mastercard-1600x550-2.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adxcore.com
ads.themoneytizer.com
urlz.fr
vrbnk0000t.temp.swtest.ru
www.googletagmanager.com
vrbnk0000t.temp.swtest.ru
151.139.128.11
2606:4700:10::6816:30e3
2606:4700:3038::6815:ead6
2a00:1450:4001:827::2008
77.222.61.25
07602c282af342c14e9e273a2e2a076691dfb31d6f545655d93407d57a5197b1
12f8ff0cdb3c7d09b2fd5a0bbad514318283c15fcbbb224bb7fd6d5225b95c50
21da0d5e35a3dbe9f020686f4e0389c01fe3a8d7d2f892ea100f7969b58a0e6f
2509ee988f99f9602749a74d5be09de52f0d0da0d91792c9225d7c5f885994cb
336563a08e742fa552e455b6a981b8a5a4893f55ccbe156a8cd32400a1e85590
359cd9f710ebfa3c48a36b951207cf31e31ec57ac51a5a30b5cfc050a86136cb
3b0b1a81e628f8f1e65cf42231b3206acb63c91d3e1023565684d5b67daf3795
50db2e9001bec00e6d3694302f49ad3ac15ddf8430f6d1f09f2e95d4fd293659
56d9b5ca65d66f2848a6101725462beff731f56f977434a8fb0a5a51a3db671d
5735845630edf16424bffe3a1bfb8909d86da623c5fb56c3111e01bff1d8738e
63c6df19c6ecf63f60d07b9851a8fb9fea860bbe15faa1adc7e39020639293ce
7b44b377da55d29f0ce55d46bd39e0b6238d708780201010001d735adcce5191
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
9bd7b25907ab8820da95d54b5b42106a16bbde71bb833107b2831c0bf642522d
9c26f7da50967fc6a97bed5aa2e483e22666530c5474469c59834ebc371e4669
9d624a34abafa8aecfc4a275a095251b8614c3381cd869e23b75304a72634162
9e8c63b62a891105bd80727fb009b5f57174cd5d93e352b72918a63d02bc0c4a
a98221c9155dc607127fe88bbcbc7d88296b084a56661ff27f627e7913dc5c8f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d536c83caeb8fecf09c5e4ba72092956cf3f43416b9144826265e1f9b9a95fe0
dc4af140924081d5079f67a7d106c06cddedb3c9b725df91d184c7c2462c424c
ea5f3822559658e5d38c8ca89ad2cb67246c10d9ce97a37ce0f86cd541da8e02
ee2c214d2fab6deccda9e13828ef031e3a07d011bf9496a618e37fbaea2404d7
f0e0f6db9042e443dbdab0dcada5450fd3b3230e3eed4ba9060133bf097f827f

urlz.fr Open in urlscan Pro 2606:4700:3038::6815:ead6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

7 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

400 kBTransfer

1441 kBSize

0 Cookies

0 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

7 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

400 kB
Transfer

1441 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!